Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

Missing stale price check for NFT

Summary

Missing stale price check for NFT

Vulnerability Details

In getNFTPrice(), we aim to fetch this NFT's price, and we need to check whether that price is stale; if it is, we should revert. Borrowers borrow funds based on the NFT's price, so if the price is stale, borrowers may use that stale price to borrow more funds than expected.

According to the comments on this function, checking the price's staleness is the expected behavior; the developer missed this part.

/**
 * Checks if the price is stale
 */
// @audit-issue do we need to check the price's staleness here ???
function getNFTPrice(uint256 tokenId) public view returns (uint256) {
    (uint256 price, uint256 lastUpdateTimestamp) = priceOracle.getLatestPrice(tokenId);
    if (price == 0) revert InvalidNFTPrice();
    return price;
}
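A hardened version of the function, as an added example rather than the project's own code: it keeps the zero-price check and additionally rejects prices whose `lastUpdateTimestamp` is older than a configurable maximum age or lies in the future. The oracle interface, the `maxPriceAge` parameter and the `StaleNFTPrice` error are assumptions for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed oracle interface, matching the call shape used in the finding.
interface INFTPriceOracle {
    function getLatestPrice(uint256 tokenId)
        external
        view
        returns (uint256 price, uint256 lastUpdateTimestamp);
}

contract StalenessCheckedPricing {
    error InvalidNFTPrice();
    // Hypothetical error carrying the data a liquidator or monitor would want.
    error StaleNFTPrice(uint256 tokenId, uint256 lastUpdateTimestamp, uint256 maxAge);

    INFTPriceOracle public immutable priceOracle;
    // Maximum accepted age of an oracle price, in seconds (assumed parameter).
    uint256 public immutable maxPriceAge;

    constructor(INFTPriceOracle oracle, uint256 _maxPriceAge) {
        priceOracle = oracle;
        maxPriceAge = _maxPriceAge;
    }

    /**
     * Returns the NFT price, reverting if it is zero or stale.
     */
    function getNFTPrice(uint256 tokenId) public view returns (uint256) {
        (uint256 price, uint256 lastUpdateTimestamp) = priceOracle.getLatestPrice(tokenId);
        if (price == 0) revert InvalidNFTPrice();
        // A timestamp in the future indicates a misconfigured oracle; an old one is stale.
        // A never-updated oracle (timestamp 0) also fails here as long as maxPriceAge < block.timestamp.
        if (
            lastUpdateTimestamp > block.timestamp
                || block.timestamp - lastUpdateTimestamp > maxPriceAge
        ) {
            revert StaleNFTPrice(tokenId, lastUpdateTimestamp, maxPriceAge);
        }
        return price;
    }
}
```

Because the check reverts instead of returning a fallback, any borrow or collateral valuation that depends on this price halts while the oracle is stale, which is the conservative behavior the function's own comment promises.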

Impact

Borrowers may use this stale price to borrow more funds than their collateral is actually worth.

Tools Used

Manual

Recommendations

Check whether the price is stale. If it is, the price should not be used to calculate the borrower's collateral value.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 2 months ago
Submission Judgement Published
Validated
Assigned finding tags:

LendingPool::getNFTPrice or getPrimeRate doesn't validate timestamp staleness despite claiming to, allowing users to exploit outdated collateral values during price drops

