A compromised or malicious owner of PairsContrat can manipulate chainlinkFeed price #311
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-377
satisfactory
satisfies C4 submission criteria; eligible for awards
Comments
code423n4
added
2 (Med Risk)
|
GalloDaSballo marked the issue as duplicate of #418 |
|
GalloDaSballo marked the issue as duplicate of #377 |
c4-judge
added
the
satisfactory
|
GalloDaSballo marked the issue as satisfactory |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Lines of code
https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/PairsContract.sol#L33-L37
Vulnerability details
Impact
Detailed description of the impact of this finding.
A compromised or malicious owner of
PairsContractcan manipulatechainlinkFeedpriceProof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
A compromised or malicious owner of
PairsContractcan manipulate chainlinkFeed price as follows:setAssetChainlinkFeed(uint256 _asset, address _MalicousFeed), now the_maliciousFeedbecomes the fake chainlinkFeed_maliciousFeedand used in the advantage of the attacker to gain profit in tradingTools Used
Remix
Recommended Mitigation Steps
The owner should be not allowed to change the
chainlinkFeed, all chainlinkFeeds should be defined as constants and explicit. Use proxy pattern to include new feeds when necessary.The text was updated successfully, but these errors were encountered: