api3dao / airseeker-v1

Airseeker maintains beacons using signed data from an Airnode HTTP Signed Data Gateway

Check timestamp sanity of individual beacons in beacon set update

aquarat opened this issue

Refer to Slack thread here.

Currently, the DapiServer contract uses averaging to determine the output timestamp across a set of input beacon values when updating a beacon set. The problem with this approach is that a malicious Airnode could misreport the timestamp of their data (e.g. they could double the timestamp value). This would greatly increase the average timestamp value across the beacon set, causing the isValidTimestamp check to reject the value and the entire beacon set to fail to update.

An interim solution is to do a check within Airseeker to confirm that the timestamp values are sane. A longer-term solution is to make the DapiServer use the median instead of averaging for calculating the output timestamp.

Closed by #358
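
The failure mode and the two mitigations described in the issue, shown as an added TypeScript example; it is not code from the issue, from Airseeker or from the DapiServer contract. The `BeaconReading` shape, the function names and the acceptance window constants are assumptions made for illustration, and the sample readings are constructed.

```typescript
// Added illustration: all names and constants here are hypothetical.
interface BeaconReading {
  beaconId: string;
  value: number;
  timestamp: number; // Unix seconds, as reported in the Airnode's signed data
}

// Assumed acceptance window around the current time (not taken from the contract).
const MAX_AGE_SECONDS = 60 * 60;
const MAX_FUTURE_SECONDS = 15 * 60;

function isSaneTimestamp(timestamp: number, now: number): boolean {
  return Number.isInteger(timestamp) && timestamp > now - MAX_AGE_SECONDS && timestamp < now + MAX_FUTURE_SECONDS;
}

// Averaging: a single inflated timestamp shifts the aggregate.
function meanTimestamp(readings: BeaconReading[]): number {
  const sum = readings.reduce((acc, r) => acc + r.timestamp, 0);
  return Math.floor(sum / readings.length);
}

// Median: a single outlier cannot move the aggregate past its honest neighbours.
function medianTimestamp(readings: BeaconReading[]): number {
  const sorted = readings.map((r) => r.timestamp).sort((a, b) => a - b);
  const mid = Math.floor(sorted.length / 2);
  return sorted.length % 2 === 1 ? sorted[mid] : Math.floor((sorted[mid - 1] + sorted[mid]) / 2);
}

// Interim client-side check: separate readings whose timestamp is outside the
// window so they can be logged and kept out of a beacon set update.
function partitionBySanity(readings: BeaconReading[], now: number) {
  const sane: BeaconReading[] = [];
  const rejected: BeaconReading[] = [];
  for (const r of readings) (isSaneTimestamp(r.timestamp, now) ? sane : rejected).push(r);
  return { sane, rejected };
}

// Constructed sample: beacon-c reports a doubled timestamp.
const NOW = 1700000000;
const sample: BeaconReading[] = [
  { beaconId: 'beacon-a', value: 100, timestamp: NOW - 30 },
  { beaconId: 'beacon-b', value: 101, timestamp: NOW - 20 },
  { beaconId: 'beacon-c', value: 99, timestamp: (NOW - 10) * 2 },
];
```

With the constructed sample, the mean lands far in the future and fails the window check, while the median and the filtered set both stay within it.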