Autonomous SC audit pipeline

File src/DBR.sol:285-295 · agent DBR token mechanics The bug accrueDueTokens() is public and permissionless. When called for a user with no debt, it sets lastUpdated[user] = block.timestamp. But the conditional if(accrued > 0 || lastUpdated[user] == 0) means if lastUpdated was already set and debt == 0, the timestamp never gets refreshed. Attack

1. Attacker calls accrueDueTokens(victim) at T1     -> lastUpdated[victim] = T1
2. One year passes. Victim borrows 1000 DOLA at T2
3. onBorrow() -> accrueDueTokens(): debt=0, lastUpdated!=0
   -> accrued=0, condition FALSE, lastUpdated stays T1!
4. debts[victim] += 1000e18
5. balanceOf(victim) now computes: (T2+1 - T1) * 1000e18 / 365 days
   = ~1000 DBR consumed INSTANTLY (should be ~0.00003 DBR)
6. Victim immediately in deficit -> force replenished at penalty

Impact An attacker can grief any future borrower. The attack costs only gas. The attacker can also profit as the force replenisher, since that role earns a DOLA reward from the Market contract. Fix Always update lastUpdated no matter the accrual amount.

File src/feeds/ConvexCurvePriceFeed.sol:36-50, ConvexFraxSharePriceFeed.sol:33-47 · agent base feed infrastructure

Legacy feeds call raw Chainlink feeds directly, with no heartbeat check, no isPriceOutOfBounds, no fallback, and no staleness signal. During a circuit breaker event, say a CRV crash past minAnswer, collateral can be overvalued 10x.

File src/DbrDistributor.sol:66-73 · agent DBR token mechanics

The onlyINVEscrow modifier places _ before validation. It's safe right now, since a revert rolls back, but the pattern is fragile. Code comments call this an intentional CEI violation for reentrancy protection. Likely out of scope, an acknowledged design choice.

File src/feeds/WbtcPriceFeed.sol:70-71

Division by wbtcBtcPrice happens before the bounds check. A feed returning 0 triggers a division-by-zero panic, the fallback becomes unreachable, and the entire wBTC market freezes. Post-audit contract, and novel.

File src/feeds/WbtcPriceFeed.sol:70-73

The BTC/USD Chainlink feed never gets checked for circuit breaker bounds. Only wBTC/BTC is checked. If BTC/USD hits its circuit breaker cap, the capped price passes through and never triggers the fallback. Post-audit, and novel.

File src/feeds/WbtcPriceFeed.sol:123-131

The fallback uses Curve tricrypto plus Chainlink USDT/ETH plus ETH/USD with zero staleness, bounds, or negative checks. It returns updatedAt from the primary path, not the fallback. Post-audit, and novel.

File src/feeds/ChainlinkBasePriceFeed.sol:77-93

When the primary feed is stale or out of bounds, the fallback price gets accepted with no staleness or bounds validation. Both feeds failing at once means an undetected bad price.

File ConvexCurvePriceFeed.sol:42-46

A hardcoded 50% floor sits on the CvxCRV/CRV ratio. If CvxCRV depegs to 20%, the feed still reports 50%, overvaluing by 2.5x. Comments call it temporary, but it stays in production.

File ChainlinkBasePriceFeed.sol:78-86

The fallback price never gets checked for positive or zero. Oracle.sol mitigates it with require(price > 0), but direct feed consumers like PessimisticFeed and CurveLPPessimisticFeed bypass that check.

File DolaPriceFeed.sol:103-131

When pyUSD/USD and FRAX/USD go stale at the same time, a stale price gets returned with updatedAt = 0. Liquidations then proceed on stale data.

File ChainlinkBasePriceFeed.sol:87-90, Oracle.sol:158-162 C4 duplicate risk

Staleness is not checked in Oracle.sol. BorrowController only protects borrows. C4 flagged the same systemic issue in October 2022.

File Market.sol:658, 630, 469 C4 duplicate risk

Same systemic staleness gap. Not submittable as novel.

File DolaFixedPriceFeed.sol:13

An acknowledged design choice. The contract carries a "don't use for external integrations" comment. A DOLA depeg is a protocol-level systemic risk.