Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Valid

`RAACHousePrices::getLatestPrice` returned timestamp has no relation to `tokenId`

Summary

When calling getLatestPrice, the returned lastUpdateTimestamp represents the last update timestamp of any house price, and not the last update timestamp of the returned price.

Vulnerability details

When calling getLatestPrice, the returned lastUpdateTimestamp represents the last update timestamp of any house price, and not the last update timestamp of the returned price as shown by this code snippet:

```solidity
// File: contracts/core/primitives/RAACHousePrices.sol
function getLatestPrice(
    uint256 _tokenId
) external view returns (uint256, uint256) {
    // lastUpdateTimestamp is a single contract-wide value, not keyed by _tokenId
    return (tokenToHousePrice[_tokenId], lastUpdateTimestamp);
}

//* ---------------- some code ------------------- *//

function setHousePrice(
    uint256 _tokenId,
    uint256 _amount
) external onlyOracle {
    tokenToHousePrice[_tokenId] = _amount;
    // Overwritten on every price update, whichever token is being updated
    lastUpdateTimestamp = block.timestamp;
    emit PriceUpdated(_tokenId, _amount);
}
```

Impact

Because the lastUpdateTimestamp for a specific tokenId cannot be retrieved, callers risk relying on a stale value that does not represent the true price of that tokenId.

Recommended Mitigation Steps

Store a lastUpdateTimestamp per tokenId; otherwise the returned timestamp has no value.
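
One way to apply this recommendation, as an added example that is not the RAAC code base: the price and its update time are stored together per token, so the timestamp returned always belongs to the price returned. The contract name, the `PriceData` struct, the oracle storage, the custom errors, the indexed event parameter and the `getFreshPrice` helper are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration (not the project's contract): per-token freshness tracking.
contract HousePricesPerTokenTimestamp {
    struct PriceData {
        uint256 price;
        uint256 updatedAt; // block.timestamp of the last update for this token only
    }

    address public oracle; // assumption: one oracle address fixed at deployment
    mapping(uint256 => PriceData) private tokenToPriceData;

    event PriceUpdated(uint256 indexed tokenId, uint256 amount);

    error OnlyOracle();
    error PriceNeverSet(uint256 tokenId);
    error StalePrice(uint256 tokenId, uint256 updatedAt);

    modifier onlyOracle() {
        if (msg.sender != oracle) revert OnlyOracle();
        _;
    }

    constructor(address _oracle) {
        oracle = _oracle;
    }

    // Writes price and timestamp in one slot pair keyed by the same tokenId.
    function setHousePrice(uint256 _tokenId, uint256 _amount) external onlyOracle {
        tokenToPriceData[_tokenId] = PriceData(_amount, block.timestamp);
        emit PriceUpdated(_tokenId, _amount);
    }

    // Same return shape as the original getter, but the timestamp is per token.
    function getLatestPrice(uint256 _tokenId) external view returns (uint256, uint256) {
        PriceData memory d = tokenToPriceData[_tokenId];
        return (d.price, d.updatedAt);
    }

    // Hypothetical helper: reject prices never set or older than _maxAge seconds.
    function getFreshPrice(uint256 _tokenId, uint256 _maxAge) external view returns (uint256) {
        PriceData memory d = tokenToPriceData[_tokenId];
        if (d.updatedAt == 0) revert PriceNeverSet(_tokenId);
        if (block.timestamp - d.updatedAt > _maxAge) revert StalePrice(_tokenId, d.updatedAt);
        return d.price;
    }
}
```

A token whose price was never set returns an `updatedAt` of 0 from `getLatestPrice`, so callers that read the tuple directly should treat 0 as "no price" rather than as a very old one.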

Updates

Lead Judging Commences

inallhonesty Lead Judge 2 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RAACHousePrices uses a single global lastUpdateTimestamp for all NFTs instead of per-token tracking, causing misleading price freshness data
