Description

This issue is related to price-data reliability. When the ProxyDomaRecord::getNativePrice function queries the USD price of native currency using the Chainlink oracle, validation logic to check whether the returned price data is stale is missing.

The current implementation simply retrieves the price without verifying timestamps or round IDs, creating substantial risk of using outdated price data.

Impact

This issue may result in inaccurate fees being charged.

Recommendations

It is recommended to add logic that verifies the timestamps of price data to resolve this issue.

Remediation

This issue has been acknowledged by D3, and a fix was implemented in commit 039b512d↗.