This repository has been archived by the owner on Jun 30, 2024. It is now read-only.
ZanyBonzy - D3Oracle will use the wrong price if the Chainlink returns price outside normal range #23
Labels
Excluded: Excluded by the judge without consulting the protocol or the senior
Non-Reward: This issue will not receive a payout
ZanyBonzy
medium
Summary
Chainlink aggregators have minPrice and maxPrice circuit breakers built into them. This means that if the price of the asset drops below the minPrice, the protocol will continue to value the token at minPrice instead of its actual value, and the other way round for maxPrice. This will allow users to take out huge amounts of bad debt.
Vulnerability Detail
The getPriceFromFeed function should check for the min and max amount returned to prevent cases like LUNA, in which the oracle will return the minimum price and not the crashed price. This would allow users to execute transactions with the asset but at the wrong price. This is exactly what happened to Venus on BSC when LUNA imploded.
Impact
In an event of extreme asset volatility, the price obtained will be the wrong price and not the actual price.
Code Snippet
https://github.com/sherlock-audit/2023-12-dodo/blob/ea7f786161113144562a900dbff31457ff7025ef/dodo-v3/contracts/DODOV3MM/periphery/D3Oracle.sol#L115C4-L124C6
Tool used
Manual Code Review
Recommendation
Some check like this can be added to avoid returning the min price or the max price in case the price crashes.
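One way to write such a bounds check, as an added example that is not taken from the original report or from the D3Oracle code. The library name, function name and error names are hypothetical, and the code assumes the feed is a Chainlink aggregator proxy exposing aggregator(), whose underlying aggregator exposes minAnswer() and maxAnswer().

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.16;

// Interfaces trimmed to the calls this example uses.
interface IFeedProxy {
    function latestRoundData() external view returns (
        uint80 roundId, int256 answer, uint256 startedAt,
        uint256 updatedAt, uint80 answeredInRound
    );
    // Address of the aggregator currently behind the proxy.
    function aggregator() external view returns (address);
}

interface IOffchainAggregator {
    function minAnswer() external view returns (int192);
    function maxAnswer() external view returns (int192);
}

// Hypothetical helper, not part of the audited code base.
library BoundedFeedReader {
    error NonPositivePrice(int256 answer);
    error PriceAtCircuitBreaker(int256 answer, int256 bound);

    function readBoundedPrice(address feed) internal view returns (uint256) {
        (, int256 answer, , , ) = IFeedProxy(feed).latestRoundData();
        if (answer <= 0) revert NonPositivePrice(answer);

        // Read the bounds on every call: the proxy can be pointed at a
        // new aggregator with different limits.
        IOffchainAggregator agg =
            IOffchainAggregator(IFeedProxy(feed).aggregator());
        int256 minAnswer = agg.minAnswer();
        int256 maxAnswer = agg.maxAnswer();

        // An answer sitting on a bound may be a clamped value rather than
        // the market price, so refuse to price the asset with it.
        if (answer <= minAnswer) revert PriceAtCircuitBreaker(answer, minAnswer);
        if (answer >= maxAnswer) revert PriceAtCircuitBreaker(answer, maxAnswer);

        return uint256(answer);
    }
}
```

Reverting makes the asset unpriceable while the feed sits at a bound, so callers need a defined behaviour for that case, such as pausing operations on the asset or using a secondary price source.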