Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

No Response Integrity Check

ibukunola

Summary

The _processResponse function decodes response without verifying its integrity, risking reverts from malformed data that stall prime rate updates. This medium-impact, low-likelihood issue could leave LendingPool using stale rates, misaligning operations with market conditions.

Vulnerability Details

The function assumes a valid uint256 in response without safeguards. Example:

Oracle sends malformed response (e.g., non-uint256 data).
abi.decode reverts, lastPrimeRate stays at 1e18 (1%) from prior update.
Market rate shifts to 5e18 (5%), LendingPool uses 1e18 for 10M crvUSD loans.
Users over-borrow 8M crvUSD, risking 4M crvUSD loss on correction.

Impact

The protocol risks moderate losses (e.g., 4M crvUSD), a medium-impact issue from operational misalignment. The low likelihood reflects rare malformed responses from Chainlink, but the lack of error handling amplifies the consequence of such failures.

Tools Used

Manual Code Review: To verify absence of error handling in _processResponse.

Recommendations

Use try-catch for decoding:

function _processResponse(bytes memory response) internal override {
try this.decodeResponse(response) returns (uint256 newRate) {
lastPrimeRate = newRate;
lastUpdateTimestamp = block.timestamp;
lendingPool.setPrimeRate(newRate);
emit PrimeRateUpdated(newRate);
} catch {
revert("Invalid oracle response");
}
}
function decodeResponse(bytes memory response) external pure returns (uint256) {
return abi.decode(response, (uint256));
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.