Platform: Code4rena
Start Date: 25/10/2022
Pot Size: $50,000 USDC
Total HM: 18
Participants: 127
Period: 5 days
Judge: 0xean
Total Solo HM: 9
Id: 175
League: ETH
Rank: 115/127
Findings: 1
Award: $0.38
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: rbserver
Also found by: 0x1f8b, 0xNazgul, 0xc0ffEE, 8olidity, Aymen0909, Chom, Franfran, Jeiwan, Jujic, Lambda, M4TZ1P, Olivierdem, Rolezn, Ruhum, TomJ, Wawrdog, __141345__, bin2chen, c7e7eff, carlitox477, catchup, cccz, codexploder, cuteboiz, d3e4, dipp, djxploit, eierina, elprofesor, hansfriese, horsefacts, idkwhatimdoing, imare, immeas, joestakey, ladboy233, leosathya, martin, minhtrng, pashov, peanuts, pedroais, rokinot, rvierdiiev, saneryee, sorrynotsorry, tonisives
0.385 USDC - $0.38
https://github.com/code-423n4/2022-10-inverse/blob/3e81f0f5908ea99b36e6ab72f13488bbfe622183/src/Oracle.sol#L82 https://github.com/code-423n4/2022-10-inverse/blob/3e81f0f5908ea99b36e6ab72f13488bbfe622183/src/Oracle.sol#L116
Oracle.getPrice() and Oracle.viewPrice() uses deprecated chainlink API calls feed.latestAnswer().
As this is a deprecated call, chainlink could cease support for this call which would prevent Collateral Value
from being calculated. This could lead to users not being liquidated, or situations where users are unable to withdraw
their original funds
Link to chainlink documentation
Manual Review
Recommendation as per chainlink documentation is to migrate to feed.latestRoundData()
#0 - neumoxx
2022-10-31T08:44:35Z
Probably over-inflated severity Duplicate of #601
#1 - c4-judge
2022-11-05T17:50:01Z
0xean marked the issue as duplicate
#2 - Simon-Busch
2022-12-05T15:15:19Z
Marked satisfactory as requested by @0xean
#3 - c4-judge
2022-12-06T00:02:43Z
0xean changed the severity to 2 (Med Risk)
#4 - c4-judge
2022-12-07T08:14:13Z
Simon-Busch marked the issue as duplicate of #584