Contract Name: spot.sol
Type/Category: DSS —> Core Module
Spot liaison between the
oracles and the core contracts. It functions as an interface contract and only stores the current
All mathematical operations will revert on overflow or underflow
All methods execute in constant time
ilk a given collateral type
ilk.pip the contract which holds the current price of a given
ilk.mat the liquidation ratio for a given
vat the core of the mcd system
par relationship between DAI and 1 unit of value in the price. (Similar to TRFM)
Only authorized users can update any variables in contract
poke is the only non-authenticated function in
spot. The function takes in a
bytes32 of the
ilk to be "poked".
poke calls two
peek calls the OSM for the given
ilk and takes back in the
has(a boolean which is false if there was an error in the
osm). The second external call only happens if
has == true.
When calculating the
par is crucial to this calculation as it defines the relationship between DAI and 1 unit of value in the price. The
val is then divided by the
par(to get a ratio of
DAI) and then the resulting value is divided by the
ilk.mat. This gives us the current
spot price for the given
file is then called after calculating the
spot. This updates the
vat with the current liquidation price of the
ilk which the function was called for.
The methods in the
spotter are relatively basic compared to most other portions of
dss. There is not much room for user error in the single unauthed method
poke. If an incorrect
bytes32 is supplied the call will fail.
Any module that is authed against the
spot has full root access, and can, therefore, add and remove which
ilks can be "poked". While not completely breaking the system, this could cause considerable risk.
A bug in
spot would most likely result in the prices for collaterals not being updated anymore. In this case, the system would need to authorize a new
spot which would then be able to update the prices. Overall this is not a catastrophic failure as this would only pause all price fluctuation for some period.
spot relies upon a set of trusted oracles to provide price data. Should these price feeds fail, it would become possible for unbacked Dai to be minted, or safe Vaults could be unfairly liquidated.
poke is not called frequently enough, the
spot price will become stale. This could arise for a few reasons including tragedy of the commons or miner collusion and could lead to negative outcomes such as inappropriate liquidations, or the prevention of liquidations that should be possible.