FV-SOL-10 Oracle Manipulation
TLDR
Tampering with the mechanisms that provide asset price data to smart contracts
Code
Classifications
Incorrect Compounding Mechanism (FV-SOL-10-C1)
The oracle fails to compound APR (Annual Percentage Rate) correctly over time, resulting in values that do not accurately reflect the cumulative growth intended
Price Drift (FV-SOL-10-C2)
Due to improper state updates, the oraclePrice
"drifts" back to its initial value rather than incrementally increasing
Manipulation Through External Markets (FV-SOL-10-C3)
Manipulating prices in less liquid markets to impact the oracle's reported price, as some oracles aggregate prices from external exchanges
Time Lags (FV-SOL-10-C4)
Delaying block production or influencing the timing of price updates can lead to incorrect price feeds that attackers use to profit
Mitigation Patterns
Multi-Sourced Oracles (FV-SOL-10-M1)
Use multiple oracle data sources to calculate an aggregated price
Actual Occurrences
Content
Last updated