Tigris Trade contest - yixxas's results

A multi-chain decentralized leveraged exchange featuring instant settlement and guaranteed price execution on 30+ pairs.

General Information

Platform: Code4rena

Start Date: 09/12/2022

Pot Size: $90,500 USDC

Total HM: 35

Participants: 84

Period: 7 days

Judge: GalloDaSballo

Total Solo HM: 12

Id: 192

League: ETH

Researcher Performance

Rank: 75/84

Findings: 1

Award: $11.69

🌟 Selected for report: 0

🚀 Solo Findings: 0

Awards

11.6941 USDC - $11.69

Labels

bug
2 (Med Risk)
satisfactory
duplicate-655

External Links

Lines of code

https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/utils/TradingLibrary.sol#L113

Vulnerability details

Impact

latestAnswer is deprecated and no longer supported by Chainlink. It can return stale data or return a value of 0 when an error occurs. This will give us incorrect pricing or cause verifyPrice() to revert, preventing the protocol from functioning.

Proof of Concept

According to the Chainlink docs, latestAnswer is deprecated and no longer supported. We should use latestRoundData instead to receive our price feed.

Tools Used

Manual Review

Use the latestRoundData API instead. It is also recommended to check for stale data as well as incomplete rounds. For example:

(uint80 roundID, int256 price, , uint256 timeStamp, uint80 answeredInRound) = oracle.latestRoundData();
// answeredInRound < roundID: the answer was carried over from an earlier round.
require(answeredInRound >= roundID, "Feed is stale");
// timeStamp == 0: the round has not been completed yet.
require(timeStamp != 0, "Incomplete round");

#0 - c4-judge

2022-12-20T16:34:52Z

GalloDaSballo marked the issue as duplicate of #655

#1 - c4-judge

2023-01-22T17:31:00Z

GalloDaSballo marked the issue as satisfactory
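
The mitigation recommended in the finding above, written out as a small library with a zero-answer check and a maximum-age check added. This is an added example, not code from the submission or the Tigris repository; the CheckedFeed library, its error names and the maxAge parameter are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Chainlink's aggregator interface, reduced to the one call used here.
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (
            uint80 roundId,
            int256 answer,
            uint256 startedAt,
            uint256 updatedAt,
            uint80 answeredInRound
        );
}

// Hypothetical helper library (assumed name), not part of the audited code base.
library CheckedFeed {
    error InvalidAnswer(int256 answer);
    error RoundNotComplete();
    error AnswerCarriedOver(uint80 roundId, uint80 answeredInRound);
    error StaleAnswer(uint256 updatedAt, uint256 maxAge);

    /// @param feed   Chainlink aggregator to read.
    /// @param maxAge Assumed per-feed limit in seconds, set above the feed's heartbeat.
    /// @return price The validated answer, in the feed's own decimals.
    function readPrice(AggregatorV3Interface feed, uint256 maxAge)
        internal
        view
        returns (uint256 price)
    {
        (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) =
            feed.latestRoundData();

        // A zero or negative answer is not a usable price.
        if (answer <= 0) revert InvalidAnswer(answer);
        // updatedAt == 0 means the round has not been completed.
        if (updatedAt == 0) revert RoundNotComplete();
        // The answer was computed in an earlier round and carried forward.
        if (answeredInRound < roundId) revert AnswerCarriedOver(roundId, answeredInRound);
        // Reject answers older than the freshness window; a timestamp in the
        // future underflows here and reverts, so the read fails closed.
        if (block.timestamp - updatedAt > maxAge) revert StaleAnswer(updatedAt, maxAge);

        price = uint256(answer);
    }
}
```

A caller would wrap the feed address in AggregatorV3Interface and pass a maxAge chosen per feed, since heartbeat intervals differ between price pairs and chains.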
