Chainlink aggregator min/max bound misconfig
Dolomite's assessment for RD-F-060 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
ChainlinkPriceOracleV1.sol does not check minAnswer/maxAnswer circuit breaker bounds from the Chainlink aggregator. During an asset crash scenario where the underlying price falls below the aggregator's minAnswer floor, the aggregator returns minAnswer (floored), and Dolomite uses this floored value — overstating collateral value. This is a known Chainlink integration risk pattern. The Cyfrin 2023 audit PDF is inaccessible for direct finding verification. Chainlink heartbeat and deviation thresholds are set at the feed level (enumerated in data-cache), but Dolomite does not validate against them.
Sources #
- AuditCyfrin Audit Report — Dolomite Margin 2023-08-23Cyfrin audit 2023-08-23 — covers core DolomiteMargin; PDF inaccessible for specific finding verification; listed as relevant sourceretrieved 2026-05-16
- ChainlinkPriceOracleV1.soldolomite-exchange/dolomite-margin/blob/master/contracts/external/oracles/ChainlinkPriceOracleV1.sol — no minAnswer/maxAnswer read from AggregatorV2V3Interface in getPrice()retrieved 2026-05-16
Methodology #
Determine whether the Chainlink aggregator's `minAnswer` and `maxAnswer` circuit-breaker bounds are misconfigured (too wide or too narrow) for the asset class.
See the full factor methodology and distribution across all protocols →