No validation of ```reserves[j]``` in ```ConstantProduct2::CalcRate```
Summary
The ConstantProduct2::calcRate calculates the rate between two reserves, identified by indices i and j. There is no check if reserve at index j is zero which is used as division in the calculation.
Vulnerability Details
Impact
If the reserve at index j becomes zero, the calculation of rate would result in a division by zero error. This is because of the denominator in the calculation. When the reserve at index j is zero, dividing by zero is not defined in Solidity, and the contract would revert with an error.
The ConstantProduct2::calcRate function is used in MultiFlowPump::_capRates. The MultiFlowPump::_capRates is responsible for ensuring that the rate of change between two reserves does not exceed specified limits. The rates are calculated to determine if the current reserves are within acceptable bounds compared to the last reserves, based on predefined maximum rate changes. If calcRate encounters a division by zero (i.e., if reserves[j] is zero), it will cause a revert due to the division by zero error. This revert will stop the execution of the _capRates function and any other operations that depend on its completion.
This failure means that the reserves will not be correctly capped, potentially allowing for unchecked rates that could violate the intended constraints of the system.
Tools Used
Manual review
Recommendations
Add a check to ensure that the reserve at index j is not zero before performing the division.
Lead Judging Commences
Informational/Invalid
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.