★ Oracle source = spot DEX pool (no TWAP)
OpenEden's assessment for RD-F-053 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
[★ CRITICAL — green] TBillPriceOracle is issuer-push/attested. No DEX pool interaction. Operator submits NAV price via updatePrice(uint256 price) with onlyAdminOrOperator access control. No slot0(), getReserves(), or Uniswap TWAP calls. The vault calls latestRoundData() on this custom oracle. RWA NAV not manipulable via DEX flash loan. F053 criteria (spot DEX pool with no TWAP) are not met — oracle source is authorized operator attestation, not a DEX.
Sources
- Audit: Hacken Nov-2024 OpenEden V4Impl Audit. Hacken Nov-2024 audit: oracle finding F-2024-7422 about oracle validation gap (fixed); confirms issuer-push model, no DEX oracle reference. Retrieved 2026-05-16.
- TBillPriceOracle — Etherscan verified source. TBillPriceOracle.sol verified source: updatePrice() with onlyAdminOrOperator; no external oracle call; stores latestAnswer as operator-submitted value. Retrieved 2026-05-16.
- OpenEden Vault Audit GitHub Repo. OpenEdenHQ/openeden.vault.audit — TBillPriceOracle.sol: operator-push model confirmed; no DEX/TWAP dependency. Retrieved 2026-05-16.
Methodology
Determine whether the primary oracle for any asset/market reads spot price from a single DEX pool without a TWAP window or secondary source.
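One way to run this determination over a contract's source text, as an added example that is not the curator's or OpenEden's tooling. The two Solidity samples are constructed from the description above rather than copied from the deployed contract, and the TWAP identifier list is an assumption.

```python
import re

# Spot reads named on the page; TWAP_READS is an assumption about which
# identifiers indicate a time-weighted window (Uniswap V3 / V2).
SPOT_READS = ("slot0", "getReserves")
TWAP_READS = ("observe", "consult", "price0CumulativeLast", "price1CumulativeLast")

def strip_comments(src):
    """Drop /* */ and // comments so commented-out calls are not counted."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)

def find_calls(src, names):
    """Names from `names` that occur as a call site, i.e. `name(`."""
    return [n for n in names if re.search(r"\b%s\s*\(" % re.escape(n), src)]

def assess(src):
    """Heuristic text scan of one file; reads hidden in imports are not seen."""
    code = strip_comments(src)
    spot = find_calls(code, SPOT_READS)
    twap = find_calls(code, TWAP_READS)
    # Issuer-push: a price setter whose header carries an only* modifier.
    push = bool(re.search(r"function\s+updatePrice\s*\([^)]*\)[^{;]*\bonly\w+", code))
    return {"spot": spot, "twap": twap, "issuer_push": push,
            "criteria_met": bool(spot) and not twap}

# Constructed sample: operator-push oracle as described in the evidence summary.
PUSH_ORACLE = """
contract PushOracle {
    uint256 public latestAnswer;
    // pool.slot0() is never called here
    function updatePrice(uint256 price) external onlyAdminOrOperator {
        latestAnswer = price;
    }
    function latestRoundData() external view returns (uint256) { return latestAnswer; }
}
"""
# Constructed sample: the pattern the factor flags (spot reserves, no TWAP).
SPOT_ORACLE = """
contract SpotOracle {
    function price() external view returns (uint256) {
        (uint112 r0, uint112 r1, ) = pair.getReserves();
        return uint256(r1) * 1e18 / r0;
    }
}
"""
for name, src in (("push", PUSH_ORACLE), ("spot", SPOT_ORACLE)):
    print(name, assess(src))
```

A clean result from this scan covers only the file it was given; the oracle address the vault actually calls still has to be confirmed against the verified source.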