Submission Details
Severity:
Price Staleness Check Missing in RAACNFT contract
Description
The mint function in RAACNFT uses tokenToHousePrice instead of getLatestPrice, which is problematic because:
It doesn't receive or check the timestamp of the price update
Users could potentially mint NFTs using stale prices if the oracle hasn't updated recently
This could be exploited if market prices have changed significantly
Impact
Users could mint NFTs at outdated prices
In a rising market, users could get NFTs below market value
In a falling market, users might overpay
Lines of code
Recommended Fix
function mint(uint256 _tokenId, uint256 _amount) public override {
(uint256 price, uint256 timestamp) = raac_hp.getLatestPrice(_tokenId);
if(price == 0) { revert RAACNFT__HousePrice(); }
// Add staleness check
uint256 PRICE_STALENESS_THRESHOLD = 1 days; // Define appropriate threshold
if(block.timestamp - timestamp > PRICE_STALENESS_THRESHOLD) {
revert RAACNFT__StalePrice();
}
if(price > _amount) { revert RAACNFT__InsufficientFundsMint(); }
// ... rest of the function
}
Tools Used
Manual Review + Foundry Testing Framework
Updates
Lead Judging Commences
inallhonesty about 2 months ago
Submission Judgement Published Assigned finding tags:
LendingPool::getNFTPrice or getPrimeRate doesn't validate timestamp staleness despite claiming to, allowing users to exploit outdated collateral values during price drops
inallhonesty about 2 months ago
Submission Judgement Published Assigned finding tags:
LendingPool::getNFTPrice or getPrimeRate doesn't validate timestamp staleness despite claiming to, allowing users to exploit outdated collateral values during price drops
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420 USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.