Due to improper state updates, the oraclePrice "drifts" back to its initial value rather than incrementally increasing.
Game
The system assumes the oracle price remains accurate, but what if the price drifts slowly over time? Can you spot how this could lead to long-term exploitation?
```solidity
// SPDX-License-Identifier: MIT
// Open me in VSCode and really think before opening the hints!
// Add @audit tags wherever suspicious
// Go to the solidity docs to complete missing knowledge of what's happening here
// Solve by drafting a fix!
pragma solidity ^0.8.0;

interface IPriceOracle {
    function getPrice() external view returns (uint256);
}

contract PriceDriftGame {
    IPriceOracle public oracle;
    uint256 public totalValue;

    constructor(address _oracle, uint256 _initialValue) {
        oracle = IPriceOracle(_oracle);
        totalValue = _initialValue;
    }

    // Update value based on oracle price
    function updateValue() public {
        uint256 price = oracle.getPrice();
        require(price > 0, "Invalid price");
        totalValue = totalValue * price / 1e18; // Adjust value based on price
    }
}
```
Imagine the oracle’s price slowly drifts away from reality over time. How might this impact the totalValue calculation?
Can you cross-verify the price with another source or use a mechanism to ensure the price remains reliable?
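```solidity
uint256 public lastValidPrice;

constructor(address _oracle, uint256 _initialValue) {
    oracle = IPriceOracle(_oracle);
    totalValue = _initialValue;
    // Fix: seed the reference price; left at 0, the band check would reject every price
    lastValidPrice = oracle.getPrice();
    require(lastValidPrice > 0, "Invalid price");
}

function updateValue() public {
    uint256 price = oracle.getPrice();
    require(price > 0, "Invalid price");
    // Fix: Validate against last valid price to detect drift
    require(
        price <= lastValidPrice * 105 / 100 && price >= lastValidPrice * 95 / 100,
        "Detected price drift"
    );
    totalValue = totalValue * price / 1e18;
    lastValidPrice = price; // Fix: Update last valid price
}
```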
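Added example (not part of the original game): a Python model of the guarded updateValue(), using the same integer arithmetic, that shows a band measured only against lastValidPrice limits each step but not the cumulative drift, and how the cross-check with another source suggested in the hint stops it. The 4% step, the flat reference price and the names DriftModel, simulate and reference_price are assumptions made for the illustration.

```python
WAD = 10**18  # 1e18 fixed-point scale used by the contract


def within_band(price, anchor, pct=5):
    """Integer form of the contract's +/-5% check against `anchor`."""
    return anchor * (100 - pct) // 100 <= price <= anchor * (100 + pct) // 100


class DriftModel:
    """Model of the guarded updateValue(); names here are illustrative."""

    def __init__(self, initial_value, initial_price, cross_check=False):
        self.total_value = initial_value
        self.last_valid_price = initial_price  # seeded, never left at 0
        self.cross_check = cross_check  # assumed extra guard, not in the page's fix
        self.accepted = 0

    def update(self, price, reference_price):
        """Return True if the update is accepted, False where the contract would revert."""
        if price <= 0 or not within_band(price, self.last_valid_price):
            return False
        if self.cross_check and not within_band(price, reference_price):
            return False  # feed disagrees with the independent source
        self.total_value = self.total_value * price // WAD
        self.last_valid_price = price
        self.accepted += 1
        return True


def simulate(cross_check, steps=20, step_pct=4):
    """Constructed input: the feed rises step_pct% per update, the reference stays at 1.0."""
    model = DriftModel(1000, WAD, cross_check)
    price = WAD
    for _ in range(steps):
        price = price * (100 + step_pct) // 100
        if not model.update(price, reference_price=WAD):
            break
    return model.accepted, model.last_valid_price, model.total_value


if __name__ == "__main__":
    for flag in (False, True):
        accepted, last_price, total = simulate(flag)
        print(f"cross_check={flag}: accepted={accepted} "
              f"last_price={last_price / WAD:.4f} total_value={total}")
```

With only the last-price band, all 20 updates pass and the accepted price more than doubles; with the reference check, the second update is rejected.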