Lucene search
K

10 matches found

Code423n4
Code423n4
added 2023/11/15 12:0 a.m.6 views

Staleness Vulnerability in chainlinkAdaptor's getAssetPrice function

Lines of code Vulnerability details Impact The current implementation of the getAssetPrice function in the chainlinkAdaptor contract lacks a crucial check for the heartbeat of the data feed, introducing a potential risk of consuming stale data. This issue is exacerbated by the fact that different...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/11/16 12:0 a.m.7 views

Incorrect Accrual Of sumNative and sumUSD In Producing Consultation Results

Handle leastwood Vulnerability details Vulnerability details Impact The TwapOracle.consult function iterates over all token pairs which belong to either VADER or USDV and then calculates the price of the respective asset by using both UniswapV2 and Chainlink price data. This helps to further...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.11 views

Unbounded loops

Handle pauliax Vulnerability details Impact There are several loops in the contract which can eventually grow so large as to make future operations of the contract cost too much gas to fit in a block. Specifically, in contract TwapOracle there is no upper boundary on how many pairs can be...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.14 views

Newly Registered Assets Skew Consultation Results

Handle leastwood Vulnerability details Impact The TwapOracle.consult function iterates over all token pairs which belong to either VADER or USDV and then calculates the price of the respective asset by using both UniswapV2 and Chainlink price data. This helps to further protect against price...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.18 views

TWAPOracle might register with wrong token order

Handle cmichel Vulnerability details The TWAPOracle.registerPair function takes in a factory and token0, token1. The function accepts a factory argument which means any Uniswap-like factory can be used. When using the actual Uniswap factory's IUniswapV2Factoryfactory.getPairtoken0, token1 call, i...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.10 views

TWAPOracle.getRate does not scale the ratio

Handle cmichel Vulnerability details The TWAPOracle.getRate function simply performs an integer division to compute the rate. function getRate public view returns uint256 result uint256 tUSDInUSDV = consultUSDV; uint256 tUSDInVader = consultVADER; // @audit shouldn't this scale by 1e18 first?...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.12 views

Lacking Validation Of Chainlink' Oracle Queries

Handle leastwood Vulnerability details Impact TwapOracle.consult is missing additional validations to ensure that the round is complete and has returned a valid/expected price. The consult improperly casts an int256 price to uint256 without first checking the value. As a result, the variable may...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/11/09 12:0 a.m.9 views

Should a Chainlink aggregator become stuck in a stale state then TwapOracle will become irrecoverably broken

Handle TomFrench Vulnerability details Impact Inability to call consult on the TwapOracle and so calculate the exchange rate between USDV and VADER. Proof of Concept Should any of the Chainlink aggregators used by the TwapOracle becomes stuck in such a state that the check on L143-146 of...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/09 12:0 a.m.9 views

Permissioned nature of TwapOracle allows owner to manipulate oracle

Handle TomFrench Vulnerability details Impact Potentially frozen or purposefully inaccurate USDV:VADER price feed. Proof of Concept Only the owner of TwapOracle can call update on the oracle. Should the owner desire they could cease calling update on the oracle for a period. Over this period the...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/11/09 12:0 a.m.11 views

Unbounded loop in TwapOracle.update can result in oracle being locked

Handle TomFrench Vulnerability details Impact Loss of ability of TwapOracle to update should too many pools be added. Proof of Concept TwapOracle allows an unlimited number of pairs to be added and has no way of removing pairs after the fact. At the same time TwapOracle.update iterates through al...

6.7AI score
Exploits0
Rows per page
Query Builder