Boost _ Folks Finance 33631 - [Smart Contract - Low] Wrong implementation of chainLink getTwapPrice

Submitted on Wed Jul 24 2024 23:49:26 GMT-0400 (Atlantic Standard Time) by @gizzy for Boost | Folks Finance

Report ID: #33631

Report type: Smart Contract

Report severity: Low

Target: https://testnet.snowtrace.io/address/0xA758c321DF6Cd949A8E074B22362a4366DB1b725

Impacts:

Protocol insolvency

Description

Brief/Intro

The TWAP price calculation wrongly assumes that roundId is incremental which from chainlink docs is not ( https://docs.chain.link/data-feeds/historical-data#getrounddata-return-values ) .This assumption leads to the twap Price being wrong when a new aggregator is updated in chainlink which will in turn update the PhaseID

Vulnerability Details

The getTwapPrice function the chainlink node is used to get the Time-Weighted Average Price (TWAP) given a particular twapTimeInterval .

 function getTwapPrice(
        AggregatorV3Interface chainlink,
        uint80 latestRoundId,
        uint256 latestPrice,
        uint256 twapTimeInterval
    ) internal view returns (uint256 price) {
        uint256 priceSum = latestPrice;
        uint256 priceCount = 1;

        uint256 startTime = block.timestamp - twapTimeInterval;

        /// @dev Iterate over the previous rounds until reaching a round that was updated before the start time
        while (latestRoundId > 0) {
            try chainlink.getRoundData(--latestRoundId) returns (
                uint80,
                int256 answer,
                uint256,
                uint256 updatedAt,
                uint80
            ) {
                if (updatedAt < startTime) {
                    break;
                }
                priceSum += answer.toUint256();
                priceCount++;
            } catch {
                break;
            }
        }

        return priceSum / priceCount;
    }

The problem is that getRoundData(--latestRoundId) decreases the latestRoundId , when the phaseId is which currently 6 is incremented to 7 . Then the first roundID of phaseid 7 will be the latestRoundID = (7 <<64 | 1).(from chainlink doc : https://docs.chain.link/data-feeds/historical-data#getrounddata-return-values ) This latestRoundID will greatly differ from phase 6 latestRoundID . Calling the getTwapPrice with the phaseID 7 latestRoundID , in the loop when --latestRoundID occurs chain link will return instead of reverting will return 0 as price and 0 as updated at . updatedAt which is zero will be less than startTime . this will break the loop and return the latestPrice as the TWAP price .

The poc shows transition from phaseId of 5 to 6 of ETH/USD of mainnet. and its effects

Impact Details

The flaw in the price if big enough can be exploited for functionalities that needs oracle to function

References

https://github.com/Folks-Finance/folks-finance-xchain-contracts/blob/fb92deccd27359ea4f0cf0bc41394c86448c7abb/contracts/oracle/nodes/ChainlinkNode.sol#L47C1-L78C6

Proof of concept

Proof of Concept

This POC shows an example with transition from phaseID 5 to 6 of ETH/USD Oracle of mainnet

import "../libForge/forge-std/src/Test.sol";
import "../contracts/bridge/libraries/Messages.sol";
import "@chainlink/contracts/src/v0.8/interfaces/AggregatorV3Interface.sol";
import "@openzeppelin/contracts/utils/math/SafeCast.sol";



contract testTwap is Test{

    using SafeCast for int256;

    function setUp() public virtual {
        vm.createSelectFork(vm.envString("RPC_URL"));
    }

    /// @notice Calculates the Time-Weighted Average Price (TWAP) for a Chainlink feed from all the prices between the latest round and the latest round before the time interval.
    /// @param chainlink The Chainlink aggregator contract.
    /// @param latestRoundId The latest round ID.
    /// @param latestPrice The latest price.
    /// @param twapTimeInterval The TWAP time interval.
    /// @return price The TWAP price.
    function getTwapPrice(
        AggregatorV3Interface chainlink,
        uint80 latestRoundId,
        uint256 latestPrice,
        uint256 twapTimeInterval,
        uint256 blockTimeStampOFtestTwap
    ) internal view returns (uint256 price) {
        uint256 priceSum = latestPrice;
        uint256 priceCount = 1;

        uint256 startTime = blockTimeStampOFtestTwap - twapTimeInterval;

        /// @dev Iterate over the previous rounds until reaching a round that was updated before the start time
        while (latestRoundId > 0) {
            try chainlink.getRoundData(--latestRoundId) returns (
                uint80,
                int256 answer,
                uint256,
                uint256 updatedAt,
                uint80
            ) {
                if (updatedAt < startTime) {
                    break;
                }
                priceSum += answer.toUint256();
                priceCount++;
            } catch {
                break;
            }
        }

        return priceSum / priceCount;
    }

    ///  the TWAP price calculation wrongly assumes that roundId is  incremental which will lead to big wrong price diversion when the phaseID increments meaning a new aggregator
    /// was added


    function testTwapPrice() public {
        //ETH/USD Chainlink Aggregator Mainnet
        AggregatorV3Interface chainlinkAggregator = AggregatorV3Interface(0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419);
        (uint80 roundId,int256 answer, , uint256 updatedAt, ) = chainlinkAggregator.latestRoundData();
        //chainlink has a PhaseID that is use to calculate the roundId  and from the docs 
        //phaseId = roundId >> 64;
       (uint80 roundId0,int256 answer0, , uint256 updatedAt0, )= chainlinkAggregator.getRoundData(uint80((5 <<64 | 45034)));
       console.log("last roundId of phaseid 5:",roundId0);
       // note roundId0 ++ will also return 0,0,0 as data

        uint256 phaseID = roundId >> 64;
         console.log("phaseID: ", phaseID);
        uint256 aggregatorRoundId = (roundId & 0xFFFFFFFFFFFFFFFF);
        console.log("aggregatorRoundId: ", aggregatorRoundId);
        uint256 firstRoundID_phase6 = (roundId - aggregatorRoundId) + 1;

       
        
        console.log("firstRoundID_phase6:", firstRoundID_phase6);

        //suppose the twaptimeInterval is 2hours = 7200;
        //and the chainlinkAggregator just switch from phaseID 5 to 6 .
        //with  latest roundId = firstRoundID_phase6 

        (uint80 roundId1,int256 answer1, , uint256 updatedAt1, ) = chainlinkAggregator.getRoundData(uint80(firstRoundID_phase6 ));
        console.log("answer1:",answer1.toUint256());

       uint256 priceTwap = getTwapPrice(chainlinkAggregator,roundId1,answer1.toUint256(),7200,updatedAt1 + 20 minutes);

       console.log("priceTwap:",priceTwap);

       

       
    }
    

  

}

PreviousBoost _ Folks Finance 33630 - [Smart Contract - High] Incorrect calculation of loanBorrowbalance NextBoost _ Folks Finance 33643 - [Smart Contract - Low] PriceFeed from PythNode will always revert for

Last updated 1 year ago

Was this helpful?

import "../libForge/forge-std/src/Test.sol"; import "../contracts/bridge/libraries/Messages.sol"; import "@chainlink/contracts/src/v0.8/interfaces/AggregatorV3Interface.sol"; import "@openzeppelin/contracts/utils/math/SafeCast.sol"; contract testTwap is Test{ using SafeCast for int256; function setUp() public virtual { vm.createSelectFork(vm.envString("RPC_URL")); } /// @notice Calculates the Time-Weighted Average Price (TWAP) for a Chainlink feed from all the prices between the latest round and the latest round before the time interval. /// @param chainlink The Chainlink aggregator contract. /// @param latestRoundId The latest round ID. /// @param latestPrice The latest price. /// @param twapTimeInterval The TWAP time interval. /// @return price The TWAP price. function getTwapPrice( AggregatorV3Interface chainlink, uint80 latestRoundId, uint256 latestPrice, uint256 twapTimeInterval, uint256 blockTimeStampOFtestTwap ) internal view returns (uint256 price) { uint256 priceSum = latestPrice; uint256 priceCount = 1; uint256 startTime = blockTimeStampOFtestTwap - twapTimeInterval; /// @dev Iterate over the previous rounds until reaching a round that was updated before the start time while (latestRoundId > 0) { try chainlink.getRoundData(--latestRoundId) returns ( uint80, int256 answer, uint256, uint256 updatedAt, uint80 ) { if (updatedAt < startTime) { break; } priceSum += answer.toUint256(); priceCount++; } catch { break; } } return priceSum / priceCount; } /// the TWAP price calculation wrongly assumes that roundId is incremental which will lead to big wrong price diversion when the phaseID increments meaning a new aggregator /// was added function testTwapPrice() public { //ETH/USD Chainlink Aggregator Mainnet AggregatorV3Interface chainlinkAggregator = AggregatorV3Interface(0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419); (uint80 roundId,int256 answer, , uint256 updatedAt, ) = chainlinkAggregator.latestRoundData(); //chainlink has a PhaseID that is use to calculate the roundId and from the docs //phaseId = roundId >> 64; (uint80 roundId0,int256 answer0, , uint256 updatedAt0, )= chainlinkAggregator.getRoundData(uint80((5 <<64 | 45034))); console.log("last roundId of phaseid 5:",roundId0); // note roundId0 ++ will also return 0,0,0 as data uint256 phaseID = roundId >> 64; console.log("phaseID: ", phaseID); uint256 aggregatorRoundId = (roundId & 0xFFFFFFFFFFFFFFFF); console.log("aggregatorRoundId: ", aggregatorRoundId); uint256 firstRoundID_phase6 = (roundId - aggregatorRoundId) + 1; console.log("firstRoundID_phase6:", firstRoundID_phase6); //suppose the twaptimeInterval is 2hours = 7200; //and the chainlinkAggregator just switch from phaseID 5 to 6 . //with latest roundId = firstRoundID_phase6 (uint80 roundId1,int256 answer1, , uint256 updatedAt1, ) = chainlinkAggregator.getRoundData(uint80(firstRoundID_phase6 )); console.log("answer1:",answer1.toUint256()); uint256 priceTwap = getTwapPrice(chainlinkAggregator,roundId1,answer1.toUint256(),7200,updatedAt1 + 20 minutes); console.log("priceTwap:",priceTwap); } }