Missing price validation controls in RAACNFT Minting
Vulnerability Details
The mint function in RAACNFT.sol lacks crucial price validation controls when fetching house prices from the oracle (raac_hp). The current implementation only checks if the price is non-zero and if the user has provided sufficient funds, but fails to implement:
Price boundaries (min/max thresholds)
Price deviation limits
Circuit breakers for abnormal price movements
As the house prices are defined off-chain, there must be a way to guarantee that when user is minting an NFT he won't pay an unfair price(otherwise it could lead the protocol or the user to lose funds).
As there is no check for price deviation limits, price boundaries(min/max) this is completely possible to happen.
ps: I submitted a separate report about the staled price, that's why it is not mentioned here.
Impact
Users can pay significantly more or less than the actual house value.
Protocols can suffer economic damage if the reported price is considerably low than the actual price.
System-wide economic imbalances if prices deviate significantly from market values
Tools Used
Manual Review
Recommendations
Implement price boundaries(min/max).
Implement price deviation limits.
Allow governance to adjust the price boundaries and deviation limits.
If possible, utilize multiple Oracle sources for price validation.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.