Oracle staleness check present

Venus Protocol's assessment for RD-F-059 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

ChainlinkOracle.sol: explicit maxStalePeriod check — reverts if block.timestamp - updatedAt > maxStalePeriod. BinanceOracle.sol: same check. Concern: AVAX/USD and COMP/USD BSC Chainlink feeds have 86400s (24h) heartbeat at 0.5% deviation threshold — if maxStalePeriod is set >24h, stale prices up to 24h old are accepted. Oracle Configuration Update governance proposal (2026) confirms prior maxStalePeriod configs were too wide (CAKE was 24h despite 60s heartbeat, reduced to 120s). Residual risk: any asset where maxStalePeriod was not yet tightened.

Sources #

Governance
Oracle Configuration Update | Venus CommunityOracle Configuration Update — 74 maxStalePeriod reductionsretrieved 2026-04-28
GitHub
ChainlinkOracle.sol sourceChainlinkOracle.sol staleness check — deltaTime > maxStalePeriod revertretrieved 2026-04-28

Methodology #

Determine whether the protocol rejects oracle reads older than a declared maximum age (i.e., checks `updatedAt > block.timestamp - maxStaleness`).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol venus factor RD-F-059 score yellow collected_at 2026-04-28 18:30:49