Chainlink aggregator min/max bound misconfig
Beefy Finance's assessment for RD-F-060 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
`BeefyOracleChainlink.sol` and `BeefyOracleChainlinkEthBase.sol` both read prices with `latestAnswer()`, and the adapter code adds no min/max bounds check on top of the Chainlink aggregator's own bounds. The 19 Chainlink feeds in the data cache (ETH/USD: 3600s heartbeat, 0.5% deviation; BTC/USD: 3600s heartbeat, 0.5% deviation; etc.) appear to be legitimate, established Chainlink mainnet feeds with standard parameters, but Beefy's adapter layer does not verify `minAnswer`/`maxAnswer`. The score is yellow because the underlying Chainlink aggregators have their own bounds, but the Beefy code provides no additional protection.
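A sketch of the adapter-level check the summary describes as missing, given here as an added example and not taken from Beefy's code. The library name, the `marginBps` parameter and the trimmed interfaces are assumptions for illustration; it also assumes the feed proxy exposes `aggregator()` and the underlying aggregator exposes `minAnswer()`/`maxAnswer()`, which not every feed version does.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Interfaces trimmed to the calls used below (assumed available on the feed).
interface IFeedProxy {
    function latestAnswer() external view returns (int256);
    function aggregator() external view returns (address);
}

interface IBoundedAggregator {
    function minAnswer() external view returns (int192);
    function maxAnswer() external view returns (int192);
}

// Hypothetical helper: reject answers that sit at, or within a margin of,
// the aggregator's circuit-breaker bounds. An answer at a bound may reflect
// the bound itself, not the market price.
library BoundedChainlinkRead {
    error NonPositiveAnswer(int256 answer);
    error AnswerNearBound(int256 answer, int256 lo, int256 hi);

    uint256 internal constant BPS = 10_000;

    function read(address feed, uint256 marginBps) internal view returns (uint256) {
        IFeedProxy proxy = IFeedProxy(feed);
        int256 answer = proxy.latestAnswer();
        if (answer <= 0) revert NonPositiveAnswer(answer);

        // Bounds live on the current underlying aggregator, not on the proxy,
        // so they are re-read on every call in case the aggregator is replaced.
        IBoundedAggregator agg = IBoundedAggregator(proxy.aggregator());
        int256 lo = agg.minAnswer();
        int256 hi = agg.maxAnswer();

        // Shrink the accepted window by marginBps on each side.
        int256 m = int256(marginBps);
        int256 safeLo = lo + (lo * m) / int256(BPS);
        int256 safeHi = hi - (hi * m) / int256(BPS);

        if (answer <= safeLo || answer >= safeHi) {
            revert AnswerNearBound(answer, lo, hi);
        }
        return uint256(answer);
    }
}
```

With `marginBps` set to 0 the check reduces to rejecting an answer equal to either bound.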
Sources
- Internal: Beefy data cache — Chainlink oracle feeds. 00-data-cache.json oracle_feeds[] — 19 Chainlink feeds identified with heartbeat and deviation parameters. Retrieved 2026-05-16.
- BeefyOracleChainlinkEthBase.sol — no bounds check. BeefyOracleChainlinkEthBase.sol — 'does not verify minAnswer/maxAnswer limits; no bounds verification'. Retrieved 2026-05-16.
Methodology
Determine whether the Chainlink aggregator's `minAnswer` and `maxAnswer` circuit-breaker bounds are misconfigured (too wide or too narrow) for the asset class.