DittoETH

Ditto

DeFiFoundryOracle

55,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

Recycle of short ids can lead to conflicts

GREYHAWKREACH

Summary

Short IDs are recycled and reused when short position are canceled or closed. This might causes inconsistencies or causes conflicts.

Vulnerability Details

in the Library contract LibShortRecord.sol , the function setShortRecordIDs L227-L281.
The function checks if there are previously cnaceled short positions and reuse their IDs when available. In case if its not canceled it increments the ID to create a new short record. Although this mechanism might optimize gas usage but in case if the number of the short ids exceeds this might introduce race condition.

Impact

The impact could lead to data integrity problems, when the short id is reused it may still be referenced for example in LibOrder.sol library, this could result in data inconsistency. Also if the short record id s used quickly this could introduce race condition.

Tools Used

Manual Analysis

Recommendations

Ensure proper management of recycle short ids and implement time-delay mechanism for short id reuse.

Updates

Lead Judging Commences

0xnevi Lead Judge

over 1 year ago

0xnevi Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: User experience and design improvement

Prize pool breakdown

Total prize

55,000 USDC

nSLOC

3,365

16 USDC / LOC

High Medium

50,000 USDC

Low

5,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.