Severity: Medium-High
When the pricing API fails, the system falls back to hardcoded cryptocurrency prices. These values can become outdated quickly due to market volatility.
Risks include:
Undercharging users (revenue loss)
Overcharging users (user dissatisfaction or legal risk)
Inconsistent pricing
There is no:
Timestamp validation
Price sanity checks
Slippage tolerance
Why this matters:
Accurate pricing is critical in financial transactions. Using stale data can create both financial and reputational damage.
What’s needed:
Reliable price feeds with fallback providers
Time-based invalidation of cached prices
Bounds checking and slippage protection
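The three missing checks and the provider fallback listed above can be combined so that the system fails closed instead of quoting a hardcoded value. The following is an added example, not code from the reviewed system; the thresholds, the provider interface and every name in it are assumptions.

```python
import time
from dataclasses import dataclass
from decimal import Decimal

# Assumed thresholds for illustration; tune per asset and business rules.
MAX_AGE_SECONDS = 60             # time-based invalidation window
MAX_DEVIATION = Decimal("0.05")  # sanity bound vs. last accepted price
MAX_SLIPPAGE = Decimal("0.01")   # tolerated drift between quote and settlement

class PriceUnavailable(Exception):
    """No provider returned a fresh, plausible price: refuse to quote."""

@dataclass(frozen=True)
class Quote:
    price: Decimal
    fetched_at: float  # Unix seconds at which the provider produced the price

def validate(quote, last_good, now):
    """Return a rejection reason, or None when the quote is acceptable."""
    age = now - quote.fetched_at
    if age < 0 or age > MAX_AGE_SECONDS:
        return "stale-or-future"
    if quote.price <= 0:
        return "non-positive"
    if last_good is not None and abs(quote.price - last_good) / last_good > MAX_DEVIATION:
        return "out-of-bounds"
    return None

def resolve_price(providers, last_good, now=None):
    """Try (name, fetch) pairs in order; never fall back to a constant."""
    now = time.time() if now is None else now
    rejected = []
    for name, fetch in providers:
        try:
            quote = fetch()
        except Exception as exc:  # provider outage: record it and move on
            rejected.append((name, f"error: {exc}"))
            continue
        reason = validate(quote, last_good, now)
        if reason is None:
            return name, quote
        rejected.append((name, reason))
    raise PriceUnavailable(rejected)

def within_slippage(quoted, current):
    """Re-check at settlement time that the market has not moved too far."""
    return abs(current - quoted) / quoted <= MAX_SLIPPAGE
```

The rejection list carried by PriceUnavailable is worth logging and alerting on, since repeated "stale-or-future" or "out-of-bounds" entries indicate a degraded or misbehaving feed.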