This repository has been archived by the owner on Dec 17, 2023. It is now read-only.
Ocean_Sky - Chainlink's latestRoundData return stale or incorrect result #131
Labels
Excluded
Excluded by the judge without consulting the protocol or the senior
Non-Reward
This issue will not receive a payout
Ocean_Sky
medium
Chainlink's latestRoundData return stale or incorrect result
Summary
Chainlink's latestRoundData return stale or incorrect result
Vulnerability Detail
There are missing checks on the return values from Chainlink's latestRoundData used by function sync() and getLatestRound
https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial-oracle/contracts/ChainlinkOracle.sol#L59-L79
https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial-oracle/contracts/types/ChainlinkRegistry.sol#L34-L37
This could result to get stale prices from price oracle. See support from Chainlink documentation
https://docs.chain.link/data-feeds/historical-data
Related Issue report:
sherlock-audit/2023-02-blueberry-judging#63
Impact
Stale prices could result wrong implementation of liquidations.
Code Snippet
https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial-oracle/contracts/ChainlinkOracle.sol#L59-L79
https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial-oracle/contracts/types/ChainlinkRegistry.sol#L34-L37
Tool used
Manual Review
Recommendation
Consider add this checking on getLatestRound function:
(uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound ) =
FeedRegistryInterface(ChainlinkRegistry.unwrap(self)).latestRoundData(base, quote);
require (answer >= 0, "Negative price");
require(answeredInRound >= roundId,"Price Stale" );
...
The text was updated successfully, but these errors were encountered: