Fallback behavior on oracle failure
Midas's assessment for RD-F-051 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
No fallback oracle was identified for any mToken or payment token. If MTBillCustomAggregatorFeed stops receiving price updates, the vault functions continue calling getDataInBase18(), which returns the last stored round data without reverting: CustomAggregatorFeed lacks a staleness check (confirmed by the Sherlock 2024-08 review: 'The contract lacks timestamp validation'). DataFeed.sol has a 3-day HEALTHY_DIFF staleness guard for the Chainlink IB01/USD wrapper, but this guard does not apply to the mToken NAV oracle (CustomAggregatorFeed). Hacken Dec 2023 finding F-2023-0288 ('Missing oracle refresh checks') was marked Fixed, but the fix appears to have targeted DataFeed.sol's HEALTHY_DIFF, not the missing staleness check in CustomAggregatorFeed.
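One way a consuming contract can enforce the missing freshness check, shown as an added example (not code from Midas or from either audit): a hypothetical `StalenessGuardedReader` wraps any feed exposing the standard Chainlink `AggregatorV3Interface` and reverts instead of returning a last-known price. The contract name, the `maxAge` parameter, the function name and the error names are assumptions; revert is only one of the fallback behaviors the methodology lists.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.9;

// Standard Chainlink-compatible read interface.
interface AggregatorV3Interface {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (
            uint80 roundId,
            int256 answer,
            uint256 startedAt,
            uint256 updatedAt,
            uint80 answeredInRound
        );
}

// Hypothetical wrapper (not Midas code): refuses to serve stale round data.
contract StalenessGuardedReader {
    AggregatorV3Interface public immutable feed;
    uint256 public immutable maxAge; // assumed freshness window, in seconds

    error InvalidAnswer(int256 answer);
    error StalePrice(uint256 updatedAt, uint256 maxAge);
    error UnsupportedDecimals(uint8 feedDecimals);

    constructor(address feed_, uint256 maxAge_) {
        require(feed_ != address(0) && maxAge_ != 0, "bad config");
        feed = AggregatorV3Interface(feed_);
        maxAge = maxAge_;
    }

    // Returns the latest answer scaled to 18 decimals, or reverts.
    function latestBase18() external view returns (uint256) {
        (, int256 answer, , uint256 updatedAt, ) = feed.latestRoundData();
        if (answer <= 0) revert InvalidAnswer(answer);
        // Reject an empty round (0), a future timestamp, or an expired update.
        if (updatedAt == 0 || updatedAt > block.timestamp || block.timestamp - updatedAt > maxAge) {
            revert StalePrice(updatedAt, maxAge);
        }
        uint8 d = feed.decimals();
        if (d > 18) revert UnsupportedDecimals(d);
        return uint256(answer) * 10 ** uint256(18 - d);
    }
}
```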
Sources
- GitHub: Sherlock 2024-08 Audit Repo — CustomAggregatorFeed review (sherlock-audit/2024-08-midas-minter-redeemer). CustomAggregatorV3CompatibleFeed.sol: No Staleness Mechanism — contract lacks timestamp validation, simply returns updatedAt from stored round data. Retrieved 2026-05-16.
- Hacken Midas Vault Audit Dec 2023. Hacken Dec 2023 finding F-2023-0288, Missing oracle refresh checks (Medium, marked Fixed). Retrieved 2026-05-16.
Methodology
Identify the declared fallback behavior (pause, secondary source, last-known-price, revert) when the primary oracle reverts or reports a stale value.