Algo Ssstablecoinsss

AI First Flight #2
Beginner Friendly, DeFi
Submission Details
Impact: medium
Likelihood: medium
Invalid

[M-02] — Missing token allowlist / price feed validation on every path

Root + Impact

Description

The protocol does not enforce token allowlist or price feed validation consistently across all execution paths. While some entrypoints validate that a collateral token is supported and mapped to a valid price feed, other paths rely on internal assumptions and skip explicit boundary checks.

This creates inconsistent validation behavior across core state-changing functions.

As a result:

  • Unsupported tokens may be processed in certain execution paths.

  • Price feed lookups may return empty(address).

  • Collateral valuation may behave unexpectedly.

  • State-changing logic may execute without proper token validation.

This increases systemic fragility and violates the principle that all external entrypoints must enforce strict boundary validation.

Risk

Likelihood: Medium

  • Reason 1: Validation is not uniformly enforced across all paths.

  • Reason 2: External functions delegate to internal logic without repeating allowlist checks.

  • Reason 3: Attack surface increases as protocol complexity grows.

Impact: Medium

  • Impact 1: Unsupported tokens could enter accounting logic.

  • Impact 2: Missing price feed mappings could cause incorrect collateral valuation.

  • Impact 3: Future integrations may introduce unsafe assumptions.

Proof of Concept

If a token is not properly validated at the external boundary and the mapping:

self.token_address_to_price_feed[token]

returns empty(address), the protocol may proceed into pricing logic or collateral flows before reverting deeper in execution, depending on the code path.

Expected behavior:
Every external state-changing function should explicitly verify that:

  • the token is allowlisted

  • the token has a valid price feed

Actual behavior:
Validation depends on the specific function path and is not enforced uniformly at the protocol boundary.

Root Cause
Token allowlist and price feed validation are not enforced consistently at the external entrypoints. Some functions assume that prior validation has occurred, violating boundary validation principles.

Recommended Mitigation

  1. Enforce Allowlist Validation at All External Boundaries

Add explicit validation in every external function that accepts a token parameter:

assert self.token_address_to_price_feed[token] != empty(address), "DSCEngine__TokenNotAllowed"

  2. Enforce Validation Before Any Pricing Logic

Before calling any oracle pricing logic, ensure that:

  • The token is allowlisted

  • A price feed exists

  3. Design Principle Recommendation

All external state-changing functions must enforce:

  • A valid token address

  • An existing price feed mapping

  • A clear revert reason

Boundary validation must not rely on internal assumptions.
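
An added example, not part of the submission or of the audited project: a textual Python check that classifies each external Vyper function taking a token parameter by where the assert quoted above runs: at the boundary, only in an internal callee, or nowhere. The Vyper sample and its function names are constructed, and identifying token parameters by the substring `token` is an assumption.

```python
import re
# Constructed Vyper sample, not the audited contract. Function names are
# hypothetical; the mapping name and the assert are the ones quoted in the finding.
GUARD = 'assert self.token_address_to_price_feed[token] != empty(address), "DSCEngine__TokenNotAllowed"'
SAMPLE = f"""
@external
def deposit_collateral(token: address, amount: uint256):
    {GUARD}
@external
def redeem_collateral(token: address, amount: uint256):
    self._redeem(token, amount)
@internal
def _redeem(token: address, amount: uint256):
    {GUARD}
@external
def sweep(token: address):
    self.swept[token] = True
"""
GUARD_RE = r"assert\s+self\.token_address_to_price_feed\[%s\]\s*!=\s*empty\(address\)"

def parse(src):  # function name -> {ext, params, body}, split on decorators and indentation
    funcs, decos, cur = {}, [], None
    for line in src.splitlines():
        m = re.match(r"def (\w+)\((.*?)\)", line)
        if line.startswith("@"):
            decos.append(line.strip())
        elif m:
            params = [p.split(":")[0].strip() for p in m.group(2).split(",") if p.strip()]
            cur = funcs[m.group(1)] = {"ext": "@external" in decos, "params": params, "body": ""}
            decos = []
        elif cur and line[:1].isspace():
            cur["body"] += line + "\n"
    return funcs

def locate(funcs, name, p, seen=()):  # where p is asserted: at entry, in a callee, or nowhere
    if re.search(GUARD_RE % re.escape(p), funcs[name]["body"]):
        return "deeper" if seen else "boundary"
    for callee, args in re.findall(r"self\.(\w+)\((.*?)\)", funcs[name]["body"]):
        argv = [a.strip() for a in args.split(",")]
        if callee in funcs and callee not in seen and p in argv:
            q = funcs[callee]["params"][argv.index(p)]  # callee's name for the same argument
            if locate(funcs, callee, q, seen + (name,)):
                return "deeper"
    return None

def audit(src):  # external function -> "boundary", "deeper" or "missing"
    funcs = parse(src)
    return {n: locate(funcs, n, p) or "missing" for n, f in funcs.items()
            if f["ext"] for p in f["params"] if "token" in p}
```

`audit(SAMPLE)` reports `deposit_collateral` as `boundary`, `redeem_collateral` as `deeper` and `sweep` as `missing`. The matching is regex-based, so nested call arguments and multi-line signatures are outside what it handles.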

Conclusion

This issue does not directly lead to immediate fund loss but introduces inconsistent validation logic across protocol execution paths.

Enforcing strict token allowlist and price feed validation at every external boundary strengthens protocol safety, integration reliability, and long-term maintainability.

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 3 hours ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
