deadrxsezzz
medium
Getting an asset's price in ETH and then converting it to USD, rather than straight up in USD might lead to borrowers liquidated when they shouldn't be
The oracle used allows for assets to get their aggregators set using an ETH quote and then getting their USD price by using the ETH/ USD data feeds. This allows for multiple deviations in price which might lead to people getting liquidated when they shouldn't be.
When using data feeds, the oracle has different deviation for each token pair. As USD pairs are more commonly used than ETH pairs, they have significantly less deviation to minimize the randomness/ losses for users. An example: On mainnet, AAVE/ ETH has deviation of 2%, ETH/ USD has 0.5% and AAVE/ USD has 1%. If the oracle for AAVE uses the AAVE/ ETH and then the ETH/ USD data feeds, price may vary of ~2.5% compared to the 1% if simply the USD pair is used. Allowing for higher differences from real prices (of 2.5%+) may often cause scenarios where people will get liquidated when they really shouldn't be.
uint256 price = getPriceFromChainlink(aggregatorInfo.base, aggregatorInfo.quote);
if (aggregatorInfo.quote == Denominations.ETH) {
// Convert the price to USD based if it's ETH based.
uint256 ethUsdPrice = getPriceFromChainlink(Denominations.ETH, Denominations.USD);
price = (price * ethUsdPrice) / 1e18;
}Innocent users will get wrongfully liquidated.
Manual Review
Always use USD pairs