Teeny Brown Coyote
Medium
When using Chainlink Price Feeds with L2 chains like Optimism, smart contracts must validation to ensure L2 Chainlink sequencer is down.
Handling outages on Optimism, BASE, Metis, and Scroll highlights the dependency on the sequencer’s uptime for processing Layer 2 (L2) transactions. During a sequencer outage, no L2 transactions are executed, and messages from Layer 1 (L1) are queued in the CanonicalTransactionChain (CTC) on L1. These messages are processed sequentially when the sequencer is restored, ensuring that critical operations, such as updates to Chainlink’s uptime feeds, occur before any dependent transactions are executed. This guarantees the integrity of operations despite temporary delays.
The root issue stems from the reliance on the sequencer as a centralized component for executing L2 transactions and processing L1-to-L2 communications. When the sequencer is unavailable, these operations are interrupted and deferred until it resumes activity. Chainlink uptime feeds play a crucial role in this mechanism, as they signal the sequencer’s status on L2. During an outage, transactions to update the uptime status are queued and processed in strict order, ensuring accurate state representation when the sequencer is restored.
No response
No response
No response
The lack of explicit validation regarding the sequencer’s status in the code can introduce vulnerabilities or lead to unexpected behaviors. Without this validation, transactions dependent on the sequencer’s status might execute in an inconsistent state if Chainlink’s feeds fail to update correctly or are manipulated. This compromises the business logic, especially for contracts that assume the sequencer’s status will always be accurately reflected.
Moreover, relying solely on processing order without additional validations creates a point of fragility: if the uptime feed update fails (e.g., due to a reverted transaction or compromised feed), all dependent transactions could execute based on incorrect information. This could result in operational failures, incorrect contract executions, or even financial exploits, depending on the specific application. Implementing robust validations would mitigate these risks, ensuring the system handles unexpected conditions appropriately.
Since the project documentation states that this contract will only be deployed on Optimism (L2), the code snippet below should include specific validation for this before sending price information:
function currentValue() external view override returns (uint256) {
int256 latest = aggregator.latestAnswer();
require(latest > 0, "chainlink: px < 0");
return uint256(latest);
}No response