S2 ERC4626PriceOracles.price(ofToken:) Ignores ofToken and Can Mislead Callers #112

@nialexsan

File(s) affected: cadence/contracts/connectors/evm/ERC4626PriceOracles.cdc

Description: ERC4626PriceOracles.PriceOracle.price(ofToken:) accepts a caller-provided Type but does not validate it; it always returns the price of the oracle's configured ERC4626 vault regardless of the requested token type. This can lead to accidental misuse where callers request a price for the wrong token type and still receive a non-nil price, potentially masking integration bugs.
Recommendation: Return nil unless ofToken equals the expected share token type for this oracle.
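
A minimal Cadence sketch of the reported behaviour next to the recommended guard, added here as an illustration and not taken from ERC4626PriceOracles.cdc. The contract name OracleSketch, the fields shareType and sharePrice, the functions priceUnchecked and demo, and the stand-in types are all assumptions; a stored constant stands in for the price the real oracle reads from its ERC4626 vault.

```cadence
// Hypothetical sketch: none of these names come from the project's contract.
access(all) contract OracleSketch {

    access(all) struct PriceOracle {
        // Share token type this oracle is configured to price (assumed field).
        access(all) let shareType: Type
        // Stand-in for the value derived from the ERC4626 vault (assumed field).
        access(self) let sharePrice: UFix64

        init(shareType: Type, sharePrice: UFix64) {
            self.shareType = shareType
            self.sharePrice = sharePrice
        }

        // Behaviour described in the issue: ofToken is accepted but never
        // inspected, so every request is answered with the vault share price.
        access(all) view fun priceUnchecked(ofToken: Type): UFix64? {
            return self.sharePrice
        }

        // Recommended behaviour: answer only for the configured share type,
        // so a mismatched request surfaces as nil at the call site.
        access(all) view fun price(ofToken: Type): UFix64? {
            if ofToken != self.shareType {
                return nil
            }
            return self.sharePrice
        }
    }

    // Constructed call sites. Type<Int>() and Type<String>() are stand-ins
    // for the share token type and an unrelated token type.
    access(all) fun demo(): [UFix64?] {
        let oracle = PriceOracle(shareType: Type<Int>(), sharePrice: 1.05)
        let wrongType = Type<String>()
        return [
            oracle.priceUnchecked(ofToken: wrongType), // unvalidated lookup, mismatched type
            oracle.price(ofToken: wrongType),          // guarded lookup, mismatched type
            oracle.price(ofToken: Type<Int>())         // guarded lookup, configured type
        ]
    }
}
```

A caller that unwraps the optional with a nil check only catches the mismatch when the guarded form is used.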