DittoETH

Ditto

DeFiFoundryOracle

55,000 USDC

View results

Previous Next

Submission Details

Severity: high

Invalid

The DAO is incentivised to shutdown markets

cosine

Summary

When shutting down a market, the excess zETH is sent to the TAPP and the DAO is able to withdraw from the TAPP. Therefore, the DAO can profit from a market shutdown and is incentivised to tune the parameters of the protocol in a way that would increase the likelihood of a market shutdown.

Vulnerability Details

When a CR of an asset false below the minimumCR anyone can shut down the market. If the CR is still above 1, the TAPP receives the excess zETH collateral:

if (cRatio > 1 ether) {

// More than enough collateral to redeem ERC 1:1, send extras to TAPP

uint88 excessZeth =

assetZethCollateral - assetZethCollateral.divU88(cRatio);

s.vaultUser[vault][address(this)].ethEscrowed += excessZeth;

// Reduces c-ratio to 1

Asset.zethCollateral -= excessZeth;

}

The DAO is able to update this minimumCR value, as well as other parameters like the firstLiquidationTime, secondLiquidationTime, resetLiquidationTime, primaryLiquidationCR, secondaryLiquidationCR, etc. these are all able to influence the liquidation process and therefore if an asset drops below the minimumCR value.

And the DAO is also able to withdraw from the TAPP and is therefore be incentivised to tune the parameters of the protocol in a way that markets will shut down:

function withdrawTapp(address bridge, uint88 zethAmount)

external

onlyDAO

onlyValidBridge(bridge)

{

if (zethAmount == 0) revert Errors.ParameterIsZero();

uint256 vault;

if (bridge == rethBridge || bridge == stethBridge) {

vault = Vault.CARBON;

} else {

vault = s.bridge[bridge].vault;

}

uint88 ethAmount = _ethConversion(vault, zethAmount);

s.vaultUser[vault][address(this)].ethEscrowed -= zethAmount;

s.vault[vault].zethTotal -= zethAmount;

IBridge(bridge).withdraw(msg.sender, ethAmount);

emit Events.WithdrawTapp(bridge, msg.sender, zethAmount);

}

Impact

The likelihood of market shutdown increases, and therefore the likelihood of losing funds when starting a short position increases. This will most likely lead to less shorters entering the system, which is necessary for the protocol to work.

Tools Used

Manual Review

Recommendations

Rethink the distribution of funds on a market shutdown and / or checks inside the OwnerFacet which influence the way the DAO is able to update the liquidation conditions.

Updates

Lead Judging Commences

0xnevi Lead Judge

almost 2 years ago

0xnevi Lead Judge almost 2 years ago

Submission Judgement Published

Invalidated

Reason: Admin Input/call validation

Prize pool breakdown

Total prize

55,000 USDC

nSLOC

3,365

16 USDC / LOC

High Medium

50,000 USDC

Low

5,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.