Steadefi

DeFi, Hardhat, Foundry, Oracle
35,000 USDC
Submission Details
Severity: medium
Invalid

Lack of Access Control on emergencyClose

Summary

I understand that the emergencyClose function in the GMXEmergency file is meant to be called from the GMXVault file, but it can also be called by an outsider injecting bad data for the self parameter.

Vulnerability Details

In this function:

function emergencyClose(
    GMXTypes.Store storage self,
    uint256 deadline
) external {
    //@audit-check: anyone can still call this function because of lack of access control
    GMXChecks.beforeEmergencyCloseChecks(self);
}

The vulnerability arises from the absence of any access control mechanism in the emergencyClose function. As a result, anyone on the network can call this function, regardless of their permissions or privileges. This lack of access control creates a significant security risk.

An attacker can craft a transaction with arbitrary values for the self parameter and invoke the emergencyClose function. This unauthorized invocation could force positions closed and disrupt the protocol while the main vault data remains open, because self is a storage variable.

Impact

The impact of this vulnerability can be severe and wide-ranging:

  • Unauthorized Access: Any malicious actor can call the emergencyClose function without restrictions, potentially leading to unauthorized access to the contract's functionality and assets.

  • Fund Draining: By exploiting slippage, a malicious actor can force the contract to lose funds.

  • Disruption: Unauthorized calls to this function can disrupt the normal operation of the contract, causing instability and affecting other users.

Tools Used

  • Manual Code Review

  • Automated Scanning

Recommendations

To mitigate the identified vulnerability and enhance the security of the smart contract, the following recommendations should be implemented:

  • Access Control: Implement proper access control mechanisms to restrict the emergencyClose function to authorized users or the GMXVault contract only. This can be achieved by employing modifiers and role-based access controls.

  • External Functionality Restrictions: Consider changing critical functions like emergencyClose from external to internal so that they cannot be reached from outside, only by the GMXVault contract that interfaces with them.
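The following is an added illustration of the two recommendations above, not Steadefi's code: the library function is made internal (so it is inlined into the caller and has no externally reachable entry point), and the only path to it is a vault function gated by a role modifier. Every name in it (GMXEmergencyLib, GMXVaultExample, the keeper role, the emergencyClosed and closedAt fields) is an assumption for the example, not an identifier from the audited code base. One fact worth keeping in mind when reading it: a library function that takes a storage struct parameter is invoked by the calling contract through DELEGATECALL and operates on that caller's storage; a direct call to the library from outside the vault would run against the library's own storage, which is why the vault's entry point is the place where access control belongs.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example (not Steadefi's code). All identifiers here are illustrative
// assumptions, not names from the audited GMXEmergency / GMXVault contracts.
library GMXTypes {
    struct Store {
        bool emergencyClosed;  // hypothetical flag set once an emergency close happens
        uint256 closedAt;      // hypothetical timestamp of that close
    }
}

library GMXEmergencyLib {
    // `internal` library functions are copied into the calling contract at
    // compile time, so there is no external library function anyone could call.
    function emergencyClose(GMXTypes.Store storage self, uint256 deadline) internal {
        require(block.timestamp <= deadline, "deadline passed");
        require(!self.emergencyClosed, "already closed");
        self.emergencyClosed = true;
        self.closedAt = block.timestamp;
    }
}

contract GMXVaultExample {
    using GMXEmergencyLib for GMXTypes.Store;

    GMXTypes.Store internal _store;
    address public keeper;  // hypothetical privileged role allowed to emergency-close

    event EmergencyClosed(address indexed by, uint256 at);

    // Role-based gate: only the keeper may reach the library logic.
    modifier onlyKeeper() {
        require(msg.sender == keeper, "not keeper");
        _;
    }

    constructor(address keeper_) {
        require(keeper_ != address(0), "zero keeper");
        keeper = keeper_;
    }

    // The single, access-controlled entry point. The library code runs on
    // this contract's own `_store`, never on caller-supplied storage.
    function emergencyClose(uint256 deadline) external onlyKeeper {
        _store.emergencyClose(deadline);
        emit EmergencyClosed(msg.sender, block.timestamp);
    }

    function isEmergencyClosed() external view returns (bool) {
        return _store.emergencyClosed;
    }

    function closedAt() external view returns (uint256) {
        return _store.closedAt;
    }
}
```

In a Hardhat or Foundry test, a call to emergencyClose from any address other than the keeper should revert with "not keeper", and a second call from the keeper should revert with "already closed"; the emitted EmergencyClosed event gives monitoring a concrete signal to alert on.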

Updates

Lead Judging Commences

hans (Lead Judge), over 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
