In the validatePositionsLimit function, the maximum positions limit can never be met because the check leads to a revert whenever the activePositionsLength is greater than or equal to maxPositionsPerAccount.
This limits the functionality of the protocol and leads to users unexpectedly being unable to execute strategies that require the full maxPositionsPerAccount.
The issue with this is that the maxPositionsPerAccount is supposed to represent the maximum number of positions an account can have. This means that a user needs to be able to reach the maximum amount for maxPositionsPerAccount to fulfill its purpose.
Because the check uses >= instead of just >, the conditional will revert when activePositionsLength is equal to maxPositionsPerAccount.
At a minimum, this hinders the functionality of the protocol and limits what can be done. In a worst-case scenario, if the maxPositionsPerAccount were ever changed to 1, no one would be able to open any positions. This is unlikely, but worth mentioning.
With a high likelihood and low impact, this makes sense as a medium severity issue. The likelihood is high because this will always prevent the maximum number of accounts from being created. The impact is low because functionality is limited only for traders who want multiple positions.
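The boundary behaviour described above can be probed with a small model. This is an added example, not the protocol's code: the contract names, the revertOnEqual and lengthCountsNew switches and the probe are hypothetical, and only validatePositionsLimit, activePositionsLength and maxPositionsPerAccount follow the report. Because the report does not show where the check is called, the model covers both orderings.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical model of the limit check, not the protocol's contract.
contract PositionLimitModel {
    error MaxPositionsPerAccountReached(uint256 active, uint256 max);

    uint256 public immutable maxPositionsPerAccount;
    bool public immutable revertOnEqual;   // true: revert on >=, false: revert on >
    bool public immutable lengthCountsNew; // true: new position is counted before the check
    uint256 public activePositionsLength;

    constructor(uint256 max_, bool revertOnEqual_, bool lengthCountsNew_) {
        maxPositionsPerAccount = max_;
        revertOnEqual = revertOnEqual_;
        lengthCountsNew = lengthCountsNew_;
    }

    function validatePositionsLimit() public view {
        bool overLimit = revertOnEqual
            ? activePositionsLength >= maxPositionsPerAccount
            : activePositionsLength > maxPositionsPerAccount;
        if (overLimit) {
            revert MaxPositionsPerAccountReached(activePositionsLength, maxPositionsPerAccount);
        }
    }

    function openPosition() external {
        if (lengthCountsNew) {
            activePositionsLength++;   // rolled back if the check reverts
            validatePositionsLimit();
        } else {
            validatePositionsLimit();
            activePositionsLength++;
        }
    }
}

// Opens positions until the first revert and reports how many succeeded.
contract BoundaryProbe {
    function reachable(uint256 max, bool revertOnEqual, bool lengthCountsNew)
        external returns (uint256 opened)
    {
        PositionLimitModel m = new PositionLimitModel(max, revertOnEqual, lengthCountsNew);
        for (uint256 i = 0; i < max + 2; i++) {
            try m.openPosition() { opened++; } catch { break; }
        }
    }
}
```

When the new position is counted before the check, >= stops one short of the limit and > reaches it exactly; when the check runs first, >= reaches the limit and > overshoots it by one. A boundary test of this kind against the real call site shows which case applies before the operator is changed.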
Limited functionality for traders.
Manual analysis.
Change >= to > in the validatePositionsLimit function like so: