Loud Mocha Platypus
Medium
Missing updatedAt
check in DebitaChainlink.getThePrice() causing stale pricing.
This effects ratio calculations downstream when matching offers.
See Summary.
See Summary.
See Summary.
See Summary.
See Summary.
See Summary.
// https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/oracles/DebitaChainlink.sol#L42
- (, int price, , , ) = priceFeed.latestRoundData();
+ (, int price, , uint256 updatedAt, ) = priceFeed.latestRoundData();
+ if (updatedAt < block.timestamp - 60 * 60) revert("stale price feed");