Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Benqi Oracle>Discussion>The transferOracleAdmins function could always be reverted
GeneralOverview
Findings
Medium (1)
Low (1)
DiscussionThe transferOracleAdmins function could always be revertedThe internal function BenqiPriceOracle::getFeedPrice is not usedIncorrect revert error message
Threat ModelWhat are threat models?BenqiDualOracle.solBenqiPriceOracle.sol
Audit ResultsAssessment Results

The transferOracleAdmins function could always be reverted

The transferOracleAdmins function in BenqiDualOracle allows the contract owner to assign a new admin address for both edgeOracle and chainlinkOracle by invoking their respective setAdmin methods. However, since each setAdmin function is protected by an onlyAdmin modifier and the admin state variable is a single fixed address per oracle contract, this call will revert unless the current caller is already the admin of each oracle.

function transferOracleAdmins(address newAdmin) external onlyOwner {
    if (newAdmin == address(0)) revert InvalidAddress();

    // Transfer Edge Oracle admin
    edgeOracle.setAdmin(newAdmin);

    // Transfer Chainlink Oracle admin
    chainlinkOracle.setAdmin(newAdmin);

    emit OracleAdminTransferred(newAdmin);
}

The Chaos Labs team clarified that the oracles are initially configured with the contract owner as the admin, so the function works without issues at deployment time. They also noted that this functionality is intended to support future deployments of new contracts, where transferring oracle admin rights may be necessary.

Zellic © 2025Back to top ↑