Added some tests to confirm Oracle price manipulation.

[0xfps]

Hi, my name is Anthony, wonderful code you got here, I love it, however, I made a little realization.

Since the oracle price returns int256, I think that these values can be manipulated by an attacker to return values < 0, where by when cast to uint256 will overflow causing the price to be > 1,000,000 as specified in the code.
(This can be used in favour of or against USDC.)

I suggest making sure that returned prices are >= 0 before casting to uint256, to be safe.

Reference:
https://github.com/Anish-Agnihotri/Hyperbitcoinization/blob/master/src/Hyperbitcoinization.sol#L125-L129

My Recommentation:

function getBTCPrice() public view returns (uint256) {
    // Collect BTC price
    (, int256 price,,,) = BTCUSD_PRICEFEED.latestRoundData();
    if (price < 0) revert CUSTOM_ERROR();
    return uint256(price) / 10 ** BTCUSD_PRICEFEED.decimals();
}

PS: I whopped up a fake Oracle for this test.
Location: test/myFolder/AnotherHyperbitcoinization.t.sol

I am open to corrections if any.

Once again, wonderful contract, great job 👍🏾!

[Anish-Agnihotri]

Thanks Anthony, I appreciate your help.

Had a decent diff from the last few changes when I saw this, so added in here.

[0xfps]

Thanks Anthony, I appreciate your help.

Had a decent diff from the last few changes when I saw this, so added in here.

Much appreciated, Anish 👍🏾.