`LendingPool::getNFTPrice` doesn't check for stale prices, leading to wrong calculations
Summary
The LendingPool::getNFTPricefunction query the NFT price and the time of the last update from the RAACHousePrice::tokenToHousePricethrough the getLatestPrice function. However, it doesn't check for staleness.
Vulnerability Details
The RAACHousePrice::getLatestPrice function returns the price and the lastUpdateTimestampbut the LendingPool::getNFTPrice only checks if the price is zero, which means if the price hasn't been updated for a long time, the function will always return an outdated price.
Impact
Users can borrow against outdated prices or even take advantage of outdated prices to avoid liquidations.
Tools Used
Code Review
Recommendations
Define a threshold and check against it to avoid stale prices.
Lead Judging Commences
LendingPool::getNFTPrice or getPrimeRate doesn't validate timestamp staleness despite claiming to, allowing users to exploit outdated collateral values during price drops
LendingPool::getNFTPrice or getPrimeRate doesn't validate timestamp staleness despite claiming to, allowing users to exploit outdated collateral values during price drops
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.