DittoETH

Ditto
DeFi, Foundry, Oracle
55,000 USDC
Submission Details
Severity: low
Invalid

Missing inputAmount != 0 checks

Summary

Some functions do not validate their inputs to ensure that zero amounts are not passed in.

Vulnerability Details

Zero-value inputs to some functions can lead to unintended or unexpected behaviour, as in the links provided and/or the examples below. ExitShortFacet.sol, line 149:

function exitShort(
    address asset,
    uint8 id,
    uint88 buyBackAmount,
    uint80 price,
    uint16[] memory shortHintArray
)

In the above function, the caller can mistakenly exit a short with price = 0 (e.g. a faulty front end may pass the default uint value). Tracing the price value and its calculations through the function shows that the call goes through, disadvantaging the caller.

Impact

Unintended zero amounts or values can lead to accounting problems, disadvantage users, or cause the protocol not to work as expected. As seen in the example above, it disadvantages a user who exits a short with a price of 0. This is low impact because users need to be careful with their inputs; however, the protocol should help by enforcing and sanitizing inputs.

Tools Used

Manual Analysis

Recommendations

Where an input of amount = 0 is not intended, enforce that it is not possible, e.g.

require(amountInput != 0, "error message");
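
A heuristic review aid for the pattern described above, added here as an example (it is not code from the submission or from DittoETH): it lists amount- or price-like uint parameters that a Solidity function body never compares with zero. The function bodies in the sample, `_settle`, `exitShortGuarded`, `ZeroAmount` and the helper names are assumptions made for illustration; only the exitShort signature comes from the finding.

```python
import re

# Constructed sample: the exitShort signature quoted in the finding, given a
# placeholder body (not DittoETH code), plus a hypothetical guarded variant.
SAMPLE = """
function exitShort(
    address asset,
    uint8 id,
    uint88 buyBackAmount,
    uint80 price,
    uint16[] memory shortHintArray
) external {
    _settle(asset, id, buyBackAmount, price);
}
function exitShortGuarded(uint88 buyBackAmount, uint80 price) external {
    if (buyBackAmount == 0) revert ZeroAmount();
    require(price != 0, "zero price");
}
"""

FUNC = re.compile(r"function\s+(\w+)\s*\(([^)]*)\)[^{;]*\{")
SCALAR_UINT = re.compile(r"^uint\d*$")

def body_after(src, open_idx):
    """Return the text between the brace at open_idx and its matching close."""
    depth = 0
    for i in range(open_idx, len(src)):
        depth += {"{": 1, "}": -1}.get(src[i], 0)
        if depth == 0:
            return src[open_idx + 1:i]
    return src[open_idx + 1:]

def unchecked_uint_params(src, hints=("amount", "price")):
    """Map function name -> amount/price-like uint params never compared to 0."""
    findings = {}
    for m in FUNC.finditer(src):
        body = body_after(src, m.end() - 1)
        missing = []
        for param in m.group(2).split(","):
            parts = param.split()
            if len(parts) != 2 or not SCALAR_UINT.match(parts[0]):
                continue  # skip addresses, arrays and memory/calldata params
            name = parts[1]
            guard = rf"\b{re.escape(name)}\s*(==|!=|>)\s*0\b"
            if any(h in name.lower() for h in hints) and not re.search(guard, body):
                missing.append(name)
        if missing:
            findings[m.group(1)] = missing
    return findings
```

The match is textual, so a check performed in a modifier or in a called helper is not seen; treat each hit as a prompt for manual review rather than as a confirmed gap.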

Updates

Lead Judging Commences

0xnevi Lead Judge
almost 2 years ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
