Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View all submissions
Previous Next
Submission Details
Severity: high
Invalid

Unauthenticated Oracle Updates

Author Revealed upon completion

Summary

Unauthenticated Oracle Updates leads to unfair liquidatioin

Vulnerability Details

RAACHousePriceOracle.updatePrice() lacks access controls, allowing arbitrary users to manipulate real estate valuations.

Impact

  • Incorrect prices lead to undercollateralized loans or unfair liquidations.

Tools Used

Manual Review

Recommendations

  • Before: Unrestricted updatePrice

function updatePrice(uint newPrice) external { ... }

  • After: Restrict to trusted oracle nodes ex. Chainlink

function updatePrice(uint newPrice) external onlyOracleNode { ... }
Updates

Lead Judging Commences

inallhonesty Lead Judge 8 days ago
Submission Judgement Published
Invalidated
Reason: Lack of quality

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.