Wrong parameters used in conversion of equity value to svToken shares in processDeposit
Summary
Wrong formula is used for the calculation of conversion of equity value to svToken shares in processDeposit function.
Vulnerability Details
Formula for correct calculation of shares amount from equity value would be: (change in equity value * sharessupply)/(currentEquity)
And the same is used by protocol in valueToShares at GMXReader.sol at :
https://github.com/Cyfrin/2023-10-SteadeFi/blob/main/contracts/strategy/gmx/GMXReader.sol#L44C1-L57C1
The problem occurs when values are passed down from GMXProcessDeposit.sol::processDeposit. Here we can see , instead of present/current equity value, which is self.depositCache.healthParams.equityAfter, the previous/stale equity value has been passed on :
https://github.com/Cyfrin/2023-10-SteadeFi/blob/main/contracts/strategy/gmx/GMXProcessDeposit.sol#L26C3-L30C7
Impact
More number of shares will be given to USER'S, as current equity value is being used in the denominator of the shares amount as can be seen above.
Tools Used
Manual Review
Recommendations
Change the value passed on to self.depositCache.healthParams.equityAfter from self.depositCache.healthParams.equityBefore
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.