Fun Grey Okapi - STALENESS_THRESHOLD of 7 days is too long due to market volatility

[sherlock-admin3]

Fun Grey Okapi

Medium

STALENESS_THRESHOLD of 7 days is too long due to market volatility

Summary

The oracle staleness check
reverts to 0 if the price is stale (last update older than STALENESS_THRESHOLD)
which is currently set to 7 days.

However due to the volatility of crypto markets 7 days is long.

Root Cause

https://github.com/sherlock-audit/2025-03-pinlink-rwa-tokenized-depin-marketplace/blob/main/marketplace-contracts/src/oracles/CentralizedOracle.sol#L19

   uint256 public constant STALENESS_THRESHOLD = 7 days;

   if ((block.timestamp - lastPriceUpdateTimestamp) > STALENESS_THRESHOLD) {

Internal Pre-conditions

NA

External Pre-conditions

NA

Attack Path

NA

Impact

Outdated Prices:

Cryptocurrency prices can change significantly within hours or days. A 7-day threshold means the oracle could provide prices that are completely outdated.

For example, if the price of the token drops by 50% in 1 day, the oracle could continue providing the old price for up to 6 more days.

PoC

No response

Mitigation

change the STALENESS_THRESHOLD to 1 day

uint256 public constant STALENESS_THRESHOLD = 1 days;