defirisk.co
rubric v1.7.0

Chainlink aggregator min/max bound misconfig

Hyperlane's assessment for RD-F-060 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

The 19 Chainlink feeds in the data cache are standard well-known pairs (ETH/USD, BTC/USD, USDC/USD, USDT/USD, LINK/USD, COMP/USD, UNI/USD, AVAX/USD) on Ethereum mainnet. Specific min/max bound configurations for each feed were not individually verified via on-chain reads in this session. The feeds are not in the message-security path; they serve collateral-accounting context only. Primary on-chain aggregator min/max reads not performed.

Sources #

  • Internal
    Hyperlane data cache — oracle_feeds00-data-cache.json sources.oracle_feeds[] — 19 feeds with deviation thresholds listed; min/max bounds not in cache schemaretrieved 2026-05-17

Methodology #

Determine whether the Chainlink aggregator's `minAnswer` and `maxAnswer` circuit-breaker bounds are misconfigured (too wide or too narrow) for the asset class.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperlane factor RD-F-060 score gray collected_at 2026-05-16 23:03:56