Steadefi

Steadefi
DeFiHardhatFoundryOracle
35,000 USDC
View results
Submission Details
Severity: high
Invalid

Risk of Undetected Failures and Lender Losses

Summary

During the processing of deposit cancellations, a vulnerability has been identified in the repay function within the contract. This function lacks essential validation and does not provide any feedback regarding the success or failure of transactions when repaying borrowed tokens to lending vaults. It's important to note that, as the LendingVault component falls outside the scope of this audit, we cannot guarantee the consistency of transaction success. The absence of validation raises a critical concern: transactions may silently fail to repay debt, ultimately leading to funds becoming stranded within the GMXVault.sol contract. Furthermore, during deposit and withdrawal actions, this issue can be compounded as funds are transferred to an address referred to as "trove," resulting in potential financial losses for lenders.

Vulnerability Details

Impact

The potential impact of this vulnerability includes:

Funds become trapped in the contract due to unsuccessful repayment transactions.
Losses for lenders as the deposit function may further move funds to the trove address without the debt being addressed.

Tools Used

Recommendations

  1. Transaction Validation: Implement thorough validation in the repay function to ensure the success of debt repayment. This should include verifying that the transaction successfully repays the specified debt amounts.

function repay(
GMXTypes.Store storage self,
uint256 repayTokenAAmt,
uint256 repayTokenBAmt
) public {
if (repayTokenAAmt > 0) {
bool status = self.tokenALendingVault.repay(repayTokenAAmt);
if (!status) Error.DepositCancellationCallback()
}
if (repayTokenBAmt > 0) {
self.tokenBLendingVault.repay(repayTokenBAmt);
if (!status) Error.DepositCancellationCallback()
}
}
  1. Try/Catch Exception Handling: Implement a try/catch mechanism to handle exceptions and revert the transaction in case of failure. This approach can prevent the silent failure of transactions and provide clearer feedback on success or failure. Ensure that the catch block handles any exceptional scenarios gracefully.

function repay(
GMXTypes.Store storage self,
uint256 repayTokenAAmt,
uint256 repayTokenBAmt
) public {
try self.tokenALendingVault.repay(repayTokenAAmt) {
// Transaction was successful, no further action is needed.
} catch Error(string memory reason) {
}
try self.tokenBLendingVault.repay(repayTokenBAmt) {
// Transaction was successful, no further action is needed.
} catch Error(string memory reason) {
revert(string(abi.encodePacked("TokenB repayment failed: ", reason)));
}
}
  1. Implement a Pull over Push Payment Pattern: Consider adopting a "Pull over Push" payment pattern. Restrict updates to the repayment mechanism to authorized keepers who manually trigger the repayments. This pattern allows for more control and predictability in debt repayment processes and helps prevent unauthorized or unintended transactions.

Updates

Lead Judging Commences

hans Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Lack of quality

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.