3 matches found
Staleness Vulnerability in chainlinkAdaptor's getAssetPrice function
Lines of code Vulnerability details Impact The current implementation of the getAssetPrice function in the chainlinkAdaptor contract lacks a crucial check for the heartbeat of the data feed, introducing a potential risk of consuming stale data. This issue is exacerbated by the fact that different...
Lacking Validation Of Chainlink' Oracle Queries
Handle leastwood Vulnerability details Impact TwapOracle.consult is missing additional validations to ensure that the round is complete and has returned a valid/expected price. The consult improperly casts an int256 price to uint256 without first checking the value. As a result, the variable may...
Chainlink's latestRoundData might return stale or incorrect results
Handle nikitastupin Vulnerability details Proof of Concept The ChainlinkAdapter calls out to a Chainlink oracle receiving the latestRoundData. If there is a problem with Chainlink starting a new round and finding consensus on the new value for the oracle e.g. Chainlink nodes abandon the oracle,...