Code4rena: 2023-11-kelp-findings, issue 843
Published: Nov 15, 2023
getAssetPrice in ChainlinkPriceOracle.sol can return stale price.

Source: Code4rena (github.com)
Tags: chainlink, price oracle, asset price, stale price, protocol disruption, mitigation steps, set timeout

AI Score: 6.9 Medium (confidence: Low)

Lines of code

Vulnerability details

Summary

Every Chainlink price feed has its own update cadence (its heartbeat), and the on-chain value is only guaranteed fresh within that interval. getAssetPrice does not check when the feed last updated, so it may return a stale price, i.e. a value that no longer matches the current market price. To rule this out, the contract must read the timestamp of the last update from the price feed and reject answers older than an acceptable age.

Vulnerability Details

A Chainlink feed reports the price of one asset denominated in another (for example ETH / USD). Each feed is refreshed on its own schedule: the oracle network writes a new answer whenever the price moves beyond the feed's deviation threshold, and in any case at least once per heartbeat interval (expressed in seconds). Between updates the on-chain answer is simply whatever was last written.

Consider the ETH / USD feeds on different chains.
On Ethereum mainnet the feed's heartbeat is about 1 hour, so an answer may legitimately be up to an hour old. If the feed stops updating altogether (node outage, paused feed), latestAnswer() keeps returning the last written value indefinitely, with nothing in the return value to indicate that it is stale.

In the function below the price is consumed directly from the Chainlink feed without checking whether it is stale.

src/oracles/ChainlinkPriceOracle.sol#L37-L39

37:    function getAssetPrice(address asset) external view onlySupportedAsset(asset) returns (uint256) {
38:        return AggregatorInterface(assetPriceFeed[asset]).latestAnswer(); // @audit check if the price is not stale
39:    }

Impact

Incorrect prices cause every function that relies on getAssetPrice to operate on wrong values, disrupting the protocol.

Tools Used

Manual Review

Recommended Mitigation Steps

Read the price with latestRoundData() instead of the deprecated latestAnswer(), and compare the returned updatedAt timestamp against a TIME_OUT constant: if the answer is older than TIME_OUT, treat it as stale and revert. Since different collateral tokens on the same chain can have different heartbeats (the interval within which the price is guaranteed to be refreshed on chain), a single constant does not fit all feeds; use a mapping holding a separate TIME_OUT per asset, set to at least that feed's heartbeat plus a small margin, and add an access-controlled setter to add, change or remove the TIME_OUT for a token pair.
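As an added illustration, not Kelp's code and not part of the original finding, the following contract implements the mitigation described above: a per-asset timeout mapping, an owner-only setter, and a getAssetPrice that reads latestRoundData() and reverts on stale, zero or negative answers. The contract and function names (StalenessCheckedOracle, priceTimeout, setPriceTimeout, MockAggregator) are assumptions, and the 3600 + 300 second figure for ETH/USD is an illustrative margin, not a protocol parameter:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Minimal copy of Chainlink's AggregatorV3Interface so the example is
// self-contained; the real one ships in @chainlink/contracts.
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

/// @notice Illustrative oracle (assumed names, not Kelp's contract) that refuses
///         to serve a Chainlink answer older than a per-asset timeout.
contract StalenessCheckedOracle {
    error NotOwner();
    error UnsupportedAsset(address asset);
    error TimeoutNotSet(address asset);
    error NonPositivePrice(address asset, int256 answer);
    error StalePrice(address asset, uint256 updatedAt, uint256 timeout);

    event PriceTimeoutSet(address indexed asset, uint256 timeout);

    address public immutable owner;

    /// asset => Chainlink aggregator for that asset
    mapping(address => address) public assetPriceFeed;

    /// asset => maximum accepted age of the answer in seconds (0 = not configured).
    /// Use the feed's heartbeat plus a margin for block-time jitter; for ETH/USD on
    /// Ethereum mainnet (1 h heartbeat) 3600 + 300 is an illustrative choice (assumption).
    mapping(address => uint256) public priceTimeout;

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    modifier onlySupportedAsset(address asset) {
        if (assetPriceFeed[asset] == address(0)) revert UnsupportedAsset(asset);
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    /// @notice Register (or replace) the feed for an asset.
    function setAssetPriceFeed(address asset, address feed) external onlyOwner {
        assetPriceFeed[asset] = feed;
    }

    /// @notice Add, change or remove (timeout = 0) the staleness threshold for an asset.
    ///         With the timeout removed, getAssetPrice reverts instead of silently trusting the feed.
    function setPriceTimeout(address asset, uint256 timeout) external onlyOwner onlySupportedAsset(asset) {
        priceTimeout[asset] = timeout;
        emit PriceTimeoutSet(asset, timeout);
    }

    /// @notice Hardened replacement for the vulnerable getAssetPrice: reads latestRoundData()
    ///         (latestAnswer() is deprecated) and rejects non-positive or stale answers.
    function getAssetPrice(address asset) external view onlySupportedAsset(asset) returns (uint256) {
        uint256 timeout = priceTimeout[asset];
        if (timeout == 0) revert TimeoutNotSet(asset);

        (, int256 answer, , uint256 updatedAt, ) =
            AggregatorV3Interface(assetPriceFeed[asset]).latestRoundData();

        // A feed that reports a zero or negative price is unusable.
        if (answer <= 0) revert NonPositivePrice(asset, answer);
        // updatedAt == 0 means the round never completed; otherwise compare the answer's age
        // to the timeout. Written as an addition so a future timestamp cannot underflow.
        if (updatedAt == 0 || updatedAt + timeout < block.timestamp) {
            revert StalePrice(asset, updatedAt, timeout);
        }

        return uint256(answer);
    }
}

/// @notice Constructed test double for local experiments; not a real Chainlink feed.
contract MockAggregator is AggregatorV3Interface {
    int256 public answer;
    uint256 public updatedAt;

    function set(int256 answer_, uint256 updatedAt_) external {
        answer = answer_;
        updatedAt = updatedAt_;
    }

    function latestRoundData() external view returns (uint80, int256, uint256, uint256, uint80) {
        return (1, answer, updatedAt, updatedAt, 1);
    }
}
```

To try it locally, deploy MockAggregator and StalenessCheckedOracle, call setAssetPriceFeed and setPriceTimeout(asset, 3900), then set the mock's updatedAt to block.timestamp - 7200: getAssetPrice reverts with StalePrice, whereas the original latestAnswer() call would have returned the old value. The timeout must be at least the feed's heartbeat, since deviation-triggered updates can arrive earlier but never later than that; a value below it produces spurious reverts. The check on answeredInRound that older guides recommend is left out because Chainlink has deprecated that field.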

Assessed type

Oracle

