Oracle Data Freshness Remediation
How to fix stale oracle price data usage.
Overview
Related Detector: Oracle Data Freshness
Stale oracle prices enable exploitation through outdated valuations. The fix is to validate the oracle’s publish timestamp against the current Clock sysvar, reject prices older than an acceptable threshold, and validate the confidence interval.
Recommended Fix
Before (Vulnerable)
let price = price_feed.get_price_unchecked();
let value = amount * price.price as u64;
After (Fixed)
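let clock = Clock::get()?;
// Reject any price published more than 30 seconds away from the current on-chain time.
let price = price_feed.get_price_no_older_than(clock.unix_timestamp, 30)?; // 30 seconds max
// Reject prices whose confidence interval is too wide to trust.
require!(price.conf < MAX_CONFIDENCE, ErrorCode::PriceUncertain);
// A non-positive price would wrap to a huge value in the u64 cast below.
require!(price.price > 0, ErrorCode::PriceUncertain);
let value = amount * price.price as u64;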
Alternative Mitigations
Multiple Oracle Sources
Use multiple oracle feeds and compare prices for consistency:
// Read the same asset's price from two independent oracle feeds.
let pyth_price = get_pyth_price(&ctx.accounts.pyth_oracle, &clock)?;
let switchboard_price = get_switchboard_price(&ctx.accounts.sb_oracle)?;
// Abort when the feeds disagree by MAX_DEVIATION or more.
let deviation = (pyth_price - switchboard_price).abs();
require!(deviation < MAX_DEVIATION, ErrorCode::OracleDeviation);
Common Mistakes
Mistake: Staleness Threshold Too Large
// WRONG: 1 hour staleness allows significant price movement
let price = price_feed.get_price_no_older_than(clock.unix_timestamp, 3600)?;
Use tight staleness thresholds (15-60 seconds) for DeFi operations.
Mistake: Ignoring Confidence Interval
// WRONG: price could have huge uncertainty
let price = price_feed.get_price_no_older_than(clock.unix_timestamp, 30)?;
// Missing: require!(price.conf < threshold)
Always validate confidence to ensure the price is reliable.
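The checks from the recommended fix and both mistakes above, combined into one self-contained sketch with two guards the snippets leave implicit: a positive-price check before the `u64` cast and overflow-checked multiplication. This is an added example, not the detector's or any oracle SDK's code; `OraclePrice`, `OracleError`, `MAX_CONF_BPS` and the 1% limit are assumptions, and the confidence check is generalized from an absolute threshold to a ratio of the price.

```rust
// Added example. Thresholds and the error enum are assumptions for illustration.
#[derive(Debug, PartialEq)]
pub enum OracleError { Stale, NonPositive, PriceUncertain, Overflow }

// Constructed stand-in for the oracle price fields the checks read.
#[derive(Clone, Copy)]
pub struct OraclePrice { pub price: i64, pub conf: u64, pub publish_time: i64 }

pub const MAX_AGE_SECS: u64 = 30;   // inside the 15-60 second range
pub const MAX_CONF_BPS: u128 = 100; // assumed limit: conf <= 1% of price

/// Returns the price as a u64 only if it is fresh, positive and tightly bounded.
pub fn checked_price(p: &OraclePrice, now: i64) -> Result<u64, OracleError> {
    // Absolute difference, so a publish time ahead of the clock is bounded too.
    let age = now.checked_sub(p.publish_time).ok_or(OracleError::Overflow)?.unsigned_abs();
    if age > MAX_AGE_SECS {
        return Err(OracleError::Stale);
    }
    if p.price <= 0 {
        return Err(OracleError::NonPositive); // would wrap in an `as u64` cast
    }
    let price = p.price as u64;
    // conf / price > MAX_CONF_BPS / 10_000, cross-multiplied in u128 to avoid
    // both division and overflow.
    if (p.conf as u128) * 10_000 > (price as u128) * MAX_CONF_BPS {
        return Err(OracleError::PriceUncertain);
    }
    Ok(price)
}

/// amount * price with overflow detection (the feed's exponent scaling is
/// omitted, as in the snippets above).
pub fn value_of(amount: u64, p: &OraclePrice, now: i64) -> Result<u64, OracleError> {
    amount.checked_mul(checked_price(p, now)?).ok_or(OracleError::Overflow)
}

fn main() {
    let now = 1_700_000_000; // constructed timestamp
    let fresh = OraclePrice { price: 2_500_000_000, conf: 1_000_000, publish_time: now - 5 };
    let stale = OraclePrice { publish_time: now - 3600, ..fresh };
    let wide = OraclePrice { conf: 50_000_000, ..fresh };
    println!("{:?}", value_of(4, &fresh, now));
    println!("{:?}", value_of(4, &stale, now));
    println!("{:?}", value_of(4, &wide, now));
}
```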