Sysvar Cache Staleness Remediation

Overview

Related Detector: Sysvar Cache Staleness

Cached sysvar values can become stale during execution. The fix is to read sysvars close to the point of use rather than caching them early in execution.

Recommended Fix

// Read sysvar immediately before use
let clock = Clock::get()?;
require!(clock.unix_timestamp <= deadline, Expired);

Common Mistakes

Mistake: Caching at Function Entry

// WRONG: cached at entry, used after CPI
let clock = Clock::get()?;
invoke(&external_ix, accounts)?;
// Clock value may not reflect current time accurately
require!(clock.unix_timestamp <= deadline, Expired);

Re-read after CPI if timing is critical.

References

• Solana — Sysvars
• CWE-672: Operation on a Resource after Expiration