Omniscia Altura Trade Audit

NavOracle Manual Review Findings

NavOracle Manual Review Findings

NOE-01M: Inexistent Validation of NAV Timestamp

Description:

The NavOracle::reportNav function does not validate the upper bound of the timestamp ts reported.

Impact:

As this type of vulnerability arises from malformed input of administrative parties, its severity is capped to informational.

Example:

contracts/NavOracle.sol
91function reportNav(uint256 pps1e18, uint256 ts) external onlyRole(REPORTER_ROLE) whenNotPaused {
92        if (pps1e18 == 0 || ts == 0) revert ZeroValue();
93        if (ts < block.timestamp - _maxOracleStaleness) revert StaleTimestamp();
94

95        if (maxPpsMoveBps > 0) {
96            uint256 prev = lastNav.pps1e18;
97            if (prev > 0) {
98                uint256 diff = prev > pps1e18 ? prev - pps1e18 : pps1e18 - prev;
99                if (diff * 10_000 > prev * maxPpsMoveBps) revert TooLargeMove();
100            }
101        }
102

103        lastNav = NavSnapshot({ pps1e18: pps1e18, updatedAt: uint64(ts) });
104        emit NavReported(pps1e18, ts);
105    }
106}

Recommendation:

We advise an upper bound of type(uint64).max to be imposed and preferably less, ensuring that the variable's type-cast is performed safely.

Alleviation:

The Altura Trade team evaluated this exhibit but opted to acknowledge it in the current iteration of the codebase.

NOE-02M: Insufficient Validation of Staleness Validity

Description:

The maxStalenessSeconds variable is validated as non-zero yet does not have its upper bound restricted.

Impact:

As this type of vulnerability arises from malformed input of administrative parties, its severity is capped to informational.

Example:

contracts/NavOracle.sol
91function reportNav(uint256 pps1e18, uint256 ts) external onlyRole(REPORTER_ROLE) whenNotPaused {
92    if (pps1e18 == 0 || ts == 0) revert ZeroValue();
93    if (ts < block.timestamp - _maxOracleStaleness) revert StaleTimestamp();

Recommendation:

We advise an upper bound of the current block.timestamp to be imposed so as to ensure the NavOracle::reportNav function remains accessible at all times.

Alleviation:

The Altura Trade team evaluated this exhibit but opted to acknowledge it in the current iteration of the codebase.

Prev

NavVault.sol (NVT-S)

Next

NavVault.sol (NVT-M)

On this page