Steadefi
Steadefi
DeFiHardhatFoundryOracle
35,000 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

Lack of complete Logic for conditional implementation

Obin

Summary

else block missing in conditional statement in GMXCallback:: afterDepositExecution()

Vulnerability Details

Lack of else block in the conditional statement renders the entire call back function incomplete. For an edge case, this can cause insufficient handling of the GMX deposit process and hence possible high severity.

When this edge case occurs, the function will fail silently leaving a huge unfilled gap in deposit process.
Due to its lower possibility of occurrence, tagged medium.

Impact

possible compromise in GMX deposit process.

Tools Used

Manual Review

Recommendations

Even if protocol developers think its so much of an edge case, then at least for a complete programming logic, a revert() may be included

function afterDepositExecution(
bytes32 depositKey,
IDeposit.Props memory /* depositProps */,
IEvent.Props memory /* eventData */
) external onlyController {
GMXTypes.Store memory _store = vault.store();
if (...)
else if (...)
else {
revert
}
}
Updates

Lead Judging Commences

hans Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Other
Assigned finding tags:

Incomplete logic branch in callback

Obin Submitter
over 1 year ago
hans Auditor
over 1 year ago
Obin Submitter
over 1 year ago
hans Auditor
over 1 year ago
hans Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Other
Assigned finding tags:

Incomplete logic branch in callback

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.