FV-SOL-10-C2 Price Drift

TLDR

Due to improper state updates, the oraclePrice "drifts" back to its initial value rather than incrementally increasing

Game

The system assumes the oracle price remains accurate, but what if the price drifts slowly over time? Can you spot how this could lead to long-term exploitation?

// SPDX-License-Identifier: MIT
// Open me in VSCode and really think before opening the hints!
// Add @audit tags wherever suspicious
// Go to the solidity docs to complete missing knowledge of what's happening here
// Solve by drafting a fix!
pragma solidity ^0.8.0;

interface IPriceOracle {
    function getPrice() external view returns (uint256);
}

contract PriceDriftGame {
    IPriceOracle public oracle;
    uint256 public totalValue;

    constructor(address _oracle, uint256 _initialValue) {
        oracle = IPriceOracle(_oracle);
        totalValue = _initialValue;
    }

    // Update value based on oracle price
    function updateValue() public {
        uint256 price = oracle.getPrice();
        require(price > 0, "Invalid price");
        totalValue = totalValue * price / 1e18; // Adjust value based on price
    }
}

Imagine the oracle’s price slowly drifts away from reality over time. How might this impact the totalValue calculation?

uint256 public lastValidPrice;

function updateValue() public {
    uint256 price = oracle.getPrice();
    require(price > 0, "Invalid price");

    // Fix: Validate against last valid price to detect drift
    require(
        price <= lastValidPrice * 105 / 100 && price >= lastValidPrice * 95 / 100,
        "Detected price drift"
    );

    totalValue = totalValue * price / 1e18;
    lastValidPrice = price; // Fix: Update last valid price
}

PreviousFV-SOL-10-C1 Incorrect Compounding Mechanism NextFV-SOL-10-C3 Manipulation Through External Markets

Last updated 7 months ago

Was this helpful?