History: May 04, 2022 - 12:00 a.m.

Deprecated oracle can return 0 as a price

Code4rena

Lines of code
<https://github.com/bunkerfinance/bunker-protocol/blob/752126094691e7457d08fc62a6a5006df59bd2fe/contracts/PriceOracleImplementation.sol#L31>
<https://github.com/bunkerfinance/bunker-protocol/blob/752126094691e7457d08fc62a6a5006df59bd2fe/contracts/PriceOracleImplementation.sol#L37>

Vulnerability details

Impact

According to Chainlink’s documentation, the latestAnswer function is deprecated.

Proof of Concept

This function does not revert when no answer has been reached; it simply returns 0. In addition, latestAnswer is reported with 18 decimals for crypto quotes but 8 decimals for FX quotes (see the Chainlink FAQ for more details), so the caller cannot assume a fixed scale.

There are also cases where 0 is returned. Using that value would produce a wrong price computation, because a real price is never zero; a zero answer should abort the operation instead of being consumed.

Recommended Mitigation Steps

Use the latestRoundData function to get the price instead. Add checks on the returned data, with proper revert messages, for the cases where the price is stale or the round is incomplete, for example:

// latestRoundData returns the round id, the answer, the start/update timestamps and the round the answer was computed in
(uint80 roundID, int256 price, , uint256 timeStamp, uint80 answeredInRound) = ChainlinkFeed(0x986b5E1e1755e3C2440e960477f25201B0a8bbD4).latestRoundData();
// the answer must belong to this round or a later one, otherwise the round is incomplete
require(answeredInRound >= roundID, "...");
// a zero timestamp means no answer has ever been reached for this round
require(timeStamp != 0, "...");
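A fuller version of the recommended mitigation, written as an added example rather than taken from the Bunker repository or from the finding itself. The contract name, the `maxStaleness` heartbeat window and the normalisation to 18 decimals are assumptions; the interface is the subset of Chainlink's AggregatorV3Interface that the checks need.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Subset of Chainlink's AggregatorV3Interface used by the reader below.
interface AggregatorV3Interface {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

/// @notice Added example (not Bunker's code): reads a price via latestRoundData and
///         rejects incomplete rounds, stale answers and non-positive prices.
contract GuardedChainlinkReader {
    AggregatorV3Interface public immutable feed;
    uint256 public immutable maxStaleness; // seconds; assumed policy value, e.g. 1 hours

    constructor(AggregatorV3Interface _feed, uint256 _maxStaleness) {
        feed = _feed;
        maxStaleness = _maxStaleness;
    }

    /// @return price scaled to 18 decimals whatever the feed reports (8 for FX, 18 for crypto)
    function getPrice() external view returns (uint256 price) {
        (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) = feed.latestRoundData();

        // Round must be complete: the answer was computed in this round or a later one.
        require(answeredInRound >= roundId, "Oracle: incomplete round");
        // A zero timestamp means no answer was ever reached for this round.
        require(updatedAt != 0, "Oracle: round not updated");
        // Reject data older than the accepted heartbeat window.
        require(block.timestamp - updatedAt <= maxStaleness, "Oracle: stale price");
        // Zero or negative answers are never a valid price; abort rather than compute with 0.
        require(answer > 0, "Oracle: non-positive price");

        // Normalise to 18 decimals so callers never mix 8-decimal and 18-decimal quotes.
        uint8 feedDecimals = feed.decimals();
        price = uint256(answer);
        if (feedDecimals < 18) {
            price *= 10 ** (18 - feedDecimals);
        } else if (feedDecimals > 18) {
            price /= 10 ** (feedDecimals - 18);
        }
    }
}
```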
