Lucky Peach Barbel
Medium
The executeOrder function in the Manager contract rely on the latest price fetched from the market's oracle (market.oracle().latest()) to determine whether an order's conditions are satisfied. This dependency exposes the protocol to oracle manipulation attacks, where an attacker could influence the reported price, either directly (e.g. by controlling or bribing the oracle) or indirectly (e.g. using a flash loan to temporarily alter the on-chain price used by the oracle). For instance, in the checkOrder function:
canExecute = order.canExecute(market.oracle().latest());A manipulated oracle price could incorrectly signal that an order is executable when it is not, enabling the attacker to execute orders under conditions that would normally not be met. This lack of price validation in the latest function of the KeeperOracle.sol can lead to usage of stale latestVersion leaving the system vulnerable to malicious price swings during a transaction.
The primary impact is that attackers could exploit manipulated oracle prices to execute orders improperly, potentially draining user funds or destabilizing the system by executing invalid trades.
Add a staleness check in the latest() function to validate that the returned latestVersion is recent by comparing its timestamp with the current block timestamp and rejecting stale versions.