Circular Logic in Fee Distribution within Smart Contract Functions
Summary
The smart contract functions increasePosition and decreasePosition contain a flawed logic in fee distribution. Both functions invoke ILiquidationPoolManager(manager).distributeFees(), which in turn calls the distributeFees method of the current smart contract. This creates a circular call pattern, leading to potential issues in fee management and distribution.
Vulnerability Details
In both the increasePosition and decreasePosition functions, there is a call to ILiquidationPoolManager(manager).distributeFees(). Ideally, this should distribute fees to the liquidation pool manager. However, the way it's implemented leads to a circular call - the distributeFees method of the current contract is invoked instead of, or in addition to, the intended external manager contract's method. This could result in unintended behaviors, such as recursive calls or incorrect fee distribution, depending on how the distributeFees method is implemented in the current contract.
Impact
Recursive or unnecessary calls can consume more gas than intended.
Tools Used
Manual Review
Recommendations
Lead Judging Commences
informational/invalid
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.