Context
contracts/oracle/ exists. An oracle contract that demonstrates price staleness detection (reading stale prices as a vulnerability) would make a good S006 teaching example.
Work
- get_price_unsafe(asset) function that reads without checking staleness (triggers S006)
- get_price_safe(asset, max_age_ledgers) function that checks freshness
- set_price(asset, price, timestamp) admin function
Acceptance criteria
- sanctifier analyze contracts/oracle finds S006 on get_price_unsafe
- get_price_safe does not trigger S006
- Tests cover: fresh price, stale price, missing price
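A plain-Rust model of the three functions listed under Work, added here as an illustration; it is not the project's contract code and does not use soroban-sdk. Assumptions: the `timestamp` passed to `set_price` is a ledger sequence number, the current ledger is passed in as a hypothetical `now` parameter because there is no ledger environment, admin authorization is omitted, and the `OracleError` variants are invented for this sketch.

```rust
use std::collections::HashMap;

/// Stored price plus the ledger sequence at which it was written (assumed unit).
#[derive(Clone, Copy, Debug, PartialEq)]
pub struct PriceEntry { pub price: i128, pub ledger: u32 }

/// Hypothetical error type for this sketch.
#[derive(Debug, PartialEq)]
pub enum OracleError { Missing, Stale { age: u32 }, FutureDated }

/// In-memory stand-in for contract storage.
#[derive(Default)]
pub struct Oracle { prices: HashMap<String, PriceEntry> }

impl Oracle {
    /// Admin setter; the authorization check is omitted in this model.
    pub fn set_price(&mut self, asset: &str, price: i128, timestamp: u32) {
        self.prices.insert(asset.to_string(), PriceEntry { price, ledger: timestamp });
    }

    /// Unsafe read: returns whatever is stored, however old it is.
    /// This is the pattern the issue says should trigger S006.
    pub fn get_price_unsafe(&self, asset: &str) -> Option<i128> {
        self.prices.get(asset).map(|e| e.price)
    }

    /// Safe read: rejects missing entries and entries older than max_age_ledgers.
    pub fn get_price_safe(&self, asset: &str, now: u32, max_age_ledgers: u32)
        -> Result<i128, OracleError> {
        let e = self.prices.get(asset).ok_or(OracleError::Missing)?;
        // checked_sub: an entry stamped after `now` must not wrap around or count as age 0.
        match now.checked_sub(e.ledger) {
            Some(age) if age <= max_age_ledgers => Ok(e.price),
            Some(age) => Err(OracleError::Stale { age }),
            None => Err(OracleError::FutureDated),
        }
    }
}

fn main() {
    let mut o = Oracle::default();
    o.set_price("XLM", 1_200_000, 100); // constructed sample values
    println!("unsafe read at any ledger: {:?}", o.get_price_unsafe("XLM"));
    println!("fresh:   {:?}", o.get_price_safe("XLM", 105, 10));
    println!("stale:   {:?}", o.get_price_safe("XLM", 500, 10));
    println!("missing: {:?}", o.get_price_safe("BTC", 105, 10));
}
```

The three cases in `main` correspond to the fresh, stale and missing tests in the acceptance criteria.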