Stratax Contracts

First Flight #57
Beginner Friendly, DeFi
100 EXP
Submission Details
Impact: medium
Likelihood: medium

Owner Can Modify Oracle Feed

Author Revealed upon completion

Root + Impact

Description

  • StrataxOracle.sol grants the contract owner full control over changing the price feed for any token. The owner can modify the price feed without any additional checks or safeguards.

  • This introduces a centralization risk where the owner has the ability to manipulate critical pricing data, which could lead to malicious actions if the owner's private key is compromised.

// Root cause in the codebase, with @> marking the relevant line
function setPriceFeed(address _token, address _priceFeed) external onlyOwner {
    // @> the owner alone replaces the feed for any token; the change takes effect in this call
    _setPriceFeed(_token, _priceFeed);
    emit PriceFeedUpdated(_token, _priceFeed);
}

Risk

Likelihood:

  • This occurs when the owner changes the price feed for a token, which can be done without oversight or multi-signature approval.

  • The risk is present whenever the owner’s private key is compromised or misused.

Impact:

  • Price manipulation: A malicious owner can change the price feed to one that benefits them, potentially leading to over-borrowing or incorrect collateral valuations.

  • Systemic financial risk: If the price feed is manipulated, it could trigger incorrect liquidations, financial losses, or fund theft.

Proof of Concept

Example of how this can be exploited:

  1. The owner changes the price feed to a malicious address that provides inflated prices.

  2. A malicious user borrows funds based on the manipulated price, gaining an unfair advantage.

  3. The contract continues to use the manipulated price feed, leading to system exploitation and fund drain.

// Example exploit
contract Exploit {
    StrataxOracle oracle;
    IERC20 token;

    constructor(address _oracle, address _token) {
        oracle = StrataxOracle(_oracle);
        token = IERC20(_token);
    }

    function attack() external {
        // Owner has modified price feed to malicious feed
        uint256 price = oracle.getPrice(address(token));
        // Further exploit logic
    }
}

Recommended Mitigation

Implement Multi-Signature for Price Feed Modifications:

  • Use a multi-signature wallet or governance model to approve any changes to the price feed, ensuring that no single person can manipulate prices without oversight.

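modifier onlyMultiSig() {
    // Accept calls only from the multi-signature wallet contract itself, so the wallet's
    // approval threshold is met first. Allowing the owner or any one signer to call
    // directly would still let a single key change the feed.
    require(msg.sender == address(multiSigWallet), "Not authorized");
    _;
}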
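
A fuller version of this mitigation, as an added example that is not Stratax's own code: feed changes are accepted only from the multi-signature wallet and take effect after a review delay, so an unexpected proposal can be seen and cancelled before the oracle uses it. The contract name, multiSig, DELAY, the propose/apply/cancel functions and the indexed event parameters are assumptions, and the two-day delay goes beyond the recommendation above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example with hypothetical names; only PriceFeedUpdated comes from the finding.
contract GuardedOracleAdmin {
    address public immutable multiSig;        // assumed multi-signature wallet contract
    uint256 public constant DELAY = 2 days;   // constructed value for the review window

    struct Pending { address feed; uint64 readyAt; }
    mapping(address => address) public priceFeeds;  // token => active feed
    mapping(address => Pending) public pending;     // token => queued change

    event PriceFeedProposed(address indexed token, address indexed feed, uint256 readyAt);
    event PriceFeedUpdated(address indexed token, address indexed feed);

    modifier onlyMultiSig() {
        // The caller must be the wallet contract itself, so its signer
        // threshold has already been met; one signer key is not enough.
        require(msg.sender == multiSig, "Not authorized");
        _;
    }

    constructor(address _multiSig) {
        require(_multiSig != address(0), "Zero multisig");
        multiSig = _multiSig;
    }

    // Step 1: queue the change; the event gives monitors time to react.
    function proposePriceFeed(address _token, address _priceFeed) external onlyMultiSig {
        require(_token != address(0) && _priceFeed.code.length > 0, "Bad token or feed");
        uint64 readyAt = uint64(block.timestamp + DELAY);
        pending[_token] = Pending(_priceFeed, readyAt);
        emit PriceFeedProposed(_token, _priceFeed, readyAt);
    }

    // Step 2: apply only after the delay has elapsed.
    function applyPriceFeed(address _token) external onlyMultiSig {
        Pending memory p = pending[_token];
        require(p.feed != address(0), "Nothing pending");
        require(block.timestamp >= p.readyAt, "Delay not elapsed");
        delete pending[_token];
        priceFeeds[_token] = p.feed;
        emit PriceFeedUpdated(_token, p.feed);
    }

    // A queued change can be withdrawn during the review window.
    function cancelPriceFeed(address _token) external onlyMultiSig {
        delete pending[_token];
    }
}
```

Off-chain monitoring can alert on PriceFeedProposed and on any PriceFeedUpdated that was not preceded by a matching proposal.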
