Code4rena (code423n4): CODE423N4:2023-12-INITCAPITAL-FINDINGS-ISSUES-39
Dec 21, 2023 - 12:00 a.m.

Api3OracleReader may be unavailable up to 1 hour if the timestamp of the price from the Api3Server is bigger than the current block.timestamp


AI Score: 7.1 High (Confidence: Low)

Lines of code

Vulnerability details

Impact

Oracle unavailable for up to 1 hour, which could lead to positions going underwater and being liquidated when it becomes live again, without users having the chance to repay/collateralize.

Proof of Concept

The airnode code has a note concerning this behaviour:

/// @dev Reverts if the timestamp is from more than 1 hour in the future

This means that prices can carry a timestamp up to 1 hour in the future.

This modifier runs when processBeaconUpdate() updates a price and sets the dataFeed, which _readDataFeedWithId() reads when it is called from readDataFeedWithId().

Then, in the Api3OracleReader, the following check may underflow (and so fail the read) when the timestamp is in the future:

_require(block.timestamp - timestamp <= dataFeedInfo.maxStaleTime, Errors.MAX_STALETIME_EXCEEDED);

Tools Used

VSCode, Foundry

Recommended Mitigation Steps

Limit the timestamp to be at most block.timestamp.
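As an added example (not the INIT Capital or API3 code), a minimal staleness check with the vulnerable subtraction beside the clamped form this mitigation describes; `Api3ServerLike`, `StalenessDemo` and the function names are assumed, with the interface modelled on API3's `readDataFeedWithId` return values.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Constructed example, not project code. The interface mirrors the
/// (int224 value, uint32 timestamp) shape of API3's readDataFeedWithId.
interface Api3ServerLike {
    function readDataFeedWithId(bytes32 dataFeedId)
        external view returns (int224 value, uint32 timestamp);
}

contract StalenessDemo {
    Api3ServerLike public immutable api3Server;
    uint256 public immutable maxStaleTime;

    constructor(Api3ServerLike server, uint256 maxStale) {
        api3Server = server;
        maxStaleTime = maxStale;
    }

    /// Vulnerable form: with Solidity >= 0.8 checked arithmetic, a feed
    /// timestamp in the future (API3 accepts up to 1 hour ahead) makes
    /// `block.timestamp - timestamp` underflow and revert, so every price
    /// read fails until block.timestamp catches up with the feed.
    function getPriceVulnerable(bytes32 dataFeedId) external view returns (uint256) {
        (int224 value, uint32 timestamp) = api3Server.readDataFeedWithId(dataFeedId);
        require(block.timestamp - timestamp <= maxStaleTime, "MAX_STALETIME_EXCEEDED");
        require(value > 0, "NON_POSITIVE_PRICE");
        return uint256(int256(value));
    }

    /// Mitigated form: clamp the feed timestamp to block.timestamp before
    /// subtracting, so a slightly future-dated price is treated as fresh
    /// (age 0) instead of taking the oracle offline.
    function getPriceMitigated(bytes32 dataFeedId) external view returns (uint256) {
        (int224 value, uint32 timestamp) = api3Server.readDataFeedWithId(dataFeedId);
        uint256 effectiveTs = timestamp > block.timestamp
            ? block.timestamp
            : uint256(timestamp);
        require(block.timestamp - effectiveTs <= maxStaleTime, "MAX_STALETIME_EXCEEDED");
        require(value > 0, "NON_POSITIVE_PRICE");
        return uint256(int256(value));
    }
}
```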

Assessed type

Under/Overflow
