You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Dec 17, 2023. It is now read-only.
sherlock-admin opened this issue
Jun 11, 2023
· 0 comments
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
No check for round completeness could lead to stale prices and wrong price return value, or outdated prices.
The functions that rely on accurate price feed might not work as expected, which sometimes can lead to fund loss.
Vulnerability Detail
The function getPriceFromChainlink in PriceOracle.sol does not check for round completeness.
function getPriceFromChainlink(addressbase, addressquote) internalviewreturns (uint256) {
(, int256price,,,) = registry.latestRoundData(base, quote);
require(price >0, "invalid price");
// Extend the decimals to 1e18.returnuint256(price) *10** (18-uint256(registry.decimals(base, quote)));
}
When getting latestRoundData, the only variable checked is the price.
However, according to Chainlink docs, answeredInRound should be checked to be == roundId
Impact
latestRoundData() might return stale results leading to wrong prices and potential loss of funds.
sherlock-admin
added
Medium
A valid Medium severity issue
Duplicate
A valid issue that is a duplicate of an issue with `Has Duplicates` label
Reward
A payout will be made for this issue
and removed
Non-Reward
This issue will not receive a payout
labels
Jul 19, 2023
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
HexHackers
medium
Possible stale price values from Chainlink oracle
Summary
No check for round completeness could lead to stale prices and wrong price return value, or outdated prices.
The functions that rely on accurate price feed might not work as expected, which sometimes can lead to fund loss.
Vulnerability Detail
The function
getPriceFromChainlink
in PriceOracle.sol does not check for round completeness.When getting latestRoundData, the only variable checked is the price.
However, according to Chainlink docs, answeredInRound should be checked to be == roundId
Impact
latestRoundData() might return stale results leading to wrong prices and potential loss of funds.
Code Snippet
https://github.com/sherlock-audit/2023-05-ironbank/blob/9ebf1702b2163b55479624794ab7999392367d2a/ib-v2/src/protocol/oracle/PriceOracle.sol#L66
Tool used
Manual Review
Recommendation
Add the check:
Duplicate of #9
The text was updated successfully, but these errors were encountered: