Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2023-07-RESERVE-FINDINGS-ISSUES-6
HistoryAug 02, 2023 - 12:00 a.m.

Risk of Incorrect Collateral Pricing in Case of Aggregator Reaching minAnswer

2023-08-0200:00:00
Code4rena
github.com
2
chainlink aggregator
circuit breaker
minprice discrepancy
collateral risk
oraclelib.price
recommendation
oracle

6.9 Medium

AI Score

Confidence

Low

JSON

Lines of code

Vulnerability details

Impact

Chainlink aggregators have a built-in circuit breaker to prevent the price of an asset from deviating outside a predefined price range. This circuit breaker may cause the oracle to persistently return the minPrice instead of the actual asset price in the event of a significant price drop, as witnessed during the LUNA crash.

Proof of Concept

The following library method is heavily used to extract linked aggregators and request round data from them. If an asset’s price falls below the minPrice, the protocol continues to value the token at the minPrice rather than its real value. For instance, if TokenA’s minPrice is 1 USD and its price falls to $0.10, the aggregator continues to report 1 USD, rendering the related function calls to entail a value that is ten times the actual value.

<https://github.com/reserve-protocol/protocol/blob/9ee60f142f9f5c1fe8bc50eef915cf33124a534f/contracts/plugins/assets/OracleLib.sol#L14-L31&gt;

    function price(AggregatorV3Interface chainlinkFeed, uint48 timeout)
        internal
        view
        returns (uint192)
    {
        (uint80 roundId, int256 p, , uint256 updateTime, uint80 answeredInRound) = chainlinkFeed
            .latestRoundData();

        if (updateTime == 0 || answeredInRound &lt; roundId) {
            revert StalePrice();
        }
        // Downcast is safe: uint256(-) reverts on underflow; block.timestamp assumed &lt; 2^48
        uint48 secondsSince = uint48(block.timestamp - updateTime);
        if (secondsSince &gt; timeout) revert StalePrice();

        // {UoA/tok}
        return shiftl_toFix(uint256(p), -int8(chainlinkFeed.decimals()));
    }

defaultThreshold set at the constructor typically does not have a higher limit threshold; and, if there is one, it will be up to FIX_ONE. Depending on the value assigned to defaultThreshold, this minAnswer discrepancy could possibly have the pegPrice still fall between pegBottom and pegTop, and hence dodging the marking of a collateral IFFY status. Consequently, a larger than expected amount of RToken could be issued, fostering an imperceptibly unhealthy basket of collaterals.

It’s important to note that while Chainlink oracles form part of the OracleAggregator system and the use of a combination of oracles could potentially prevent such a situation, there’s still a risk. Secondary oracles, such as Band, could potentially be exploited by a malicious user who can DDOS relayers to prevent price updates. Once the price becomes stale, the Chainlink oracle’s price would be the sole reference, posing a significant risk.

Tools Used

Manual

Recommended Mitigation Steps

As recommended by Chainlink, OracleLib.price should cross-check the returned answer against the minPrice/maxPrice and revert if the answer is outside of these bounds:

        (uint80 roundId, int256 p, , uint256 updateTime, uint80 answeredInRound) = chainlinkFeed
            .latestRoundData();
+        if (p &gt;= maxPrice || p &lt;= minPrice) revert();

This ensures that a false price will not be returned if the underlying asset’s value hits the minPrice.

Assessed type

Oracle

The text was updated successfully, but these errors were encountered:

All reactions

6.9 Medium

AI Score

Confidence

Low

JSON