Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Prisma Finance>Threat Models>fetchPrice
GeneralOverview
Findings
Critical (1)
Low (1)
Informational (2)
DiscussionInaccurate require stringInconsistent update of `lastDefaultInterestUpdate`Unused codeDiscrepancy between interface and implementationMissing test suite
Threat ModelsWhat are threat models?AdminVoting.solAllocationVesting.solBorrowerOperations.solConvexDepositToken.solDebtToken.solFactory.solIncentiveVoting.solLiquidationManager.sol
PriceFeed.sol_fetchPricefetchPrice
PrismaToken.solSortedTroves.solStabilityPool.solTokenLocker.solTreasury.solTroveManager.sol
Audit ResultsSummary
AppendixAppendix

Function: fetchPrice()

Get the latest price returned from the oracle.

Branches and code coverage (including function calls)

Intended branches

  • If updated < block.timestamp, get the price from _fetchPrice and update the lastUpdated variable with current timestamp.

  • If updated >= block.timestamp, get the price by calling the function at signature sp.signature on the sp.collateral address.

Negative behavior

  • If updated >= block.timestamp, revert if the call to sp.collateral is unsuccessful.

Function call analysis

  • sp.collateral.call(abi.encode(sp.signature))

    • What is controllable? N/A.

    • If return value controllable, how is it used and how can it go wrong? Return values are not controllable.

    • What happens if it reverts, reenters, or does other unusual control flow? The entire function would revert if the external call reverts --- no reentrancy scenarios.

Zellic © 2025Back to top ↑