DeFi, Hardhat
21,000 USDC
Submission Details
Severity: medium
Invalid

Inflated BDV positions will not be updated due to lack of incentive

Summary

Beanstalk wants to prevent unhealthy (inflated) BDV positions from remaining "opened" by allowing users to call the Anti-Lambda convert through the ConvertFacet on behalf of other users, and in this way update their BDV to the current market value when the old BDV > current BDV.

Explanation given by the devs: "An Anti-Lambda Convert is a convert type that allows people to update other people's bdv on the downside. In a pvp environment like the evm, you'd expect people to update large positions with a huge BDV. Anti-lambda Converts can only be done on a per-deposit basis, as the ability to merge deposits should not be allowed."

Vulnerability Details

  • The problem with the assumption above is that gas fees on Ethereum are pricey. Even though calling anti-lambda convert on "large positions" makes sense (for Beanstalk users), small deposits with inflated BDV will remain open due to the lack of incentives for the caller. In a PvP environment like the EVM, incentives need to be given; otherwise there is no reason to call the anti-lambda convert.

  • Even for large positions, there is no incentive for users that do not have deposits in the Silo (so that the Stalk can be distributed fairly). Because of this and the gas fees, and especially when gas fees get higher, those inflated BDVs may remain open for a longer period of time, or maybe indefinitely, and keep growing overpaid Stalk.

Impact

  • Several inflated/unhealthy BDV positions will remain open and accumulate over time.

  • Beanstalk will overpay in stalk/seed for the inflated BDV deposits.

  • In a market crash where prices are declining, the accumulation of these inflated BDV positions will exacerbate the issue, leading to significant overpayment in stalk/seed, putting the protocol at severe financial risk, and potentially destabilizing the entire ecosystem.

Tools Used

Manual Review

Recommendations

  • Rethink the incentives for calling the Anti-Lambda function. If possible, it shouldn't only incentivize the protocol's users (users that have deposits in the Silo) but also external actors, thus allowing effective PvP with users who are seeking benefits while helping to maintain the protocol in its expected state.

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice
holydevoti0n Submitter
about 1 year ago
giovannidisiena Lead Judge
about 1 year ago
