Zaros Part 1

When liquidating multiple accounts in the same tx, the fundingFeePerUnit that will be used to compute the fundingFee is erroneously calculated for all the accounts starting from the 2nd liquidated account.

- The fundingFeePerUnit of all the liquidated accounts will be the same fundingFeePerUnit as the one computed for the first liquidated account, regardless of the position size and mark price of each position being liquidated.

​

When liquidating accounts, it is possible to liquidate multiple accounts in the same tx, which means, the block.timestamp for all of these liquidations will be the same.

​

As part of the liquidation process, [the logic computes the funding fee that the position being liquidated has accrued](https://github.com/Cyfrin/2024-07-zaros/blob/main/src/perpetuals/leaves/TradingAccount.sol#L280-L297), either positive or negative. This fundingFee is derived from the fundingFeePerUnit, which the fundingFeePerUnit is computed from the `lastFundingFeePerUnit` and the `pendingFundingFeePerUnit`.

- The `pendingFundingFeePerUnit` itself is derived from the average funding rate, the elapsed time since the last funding, and the current MarkPrice computed to reflect the change on the marked after closing the liquidated position.

- The problem with the current way how the `pendingFundingFeePerUnit` is computed is that **when liquidating more than 1 account at the same time, the `pendingFundingFeePerUnit` for the 2nd and the rest of the accounts will be 0**, which means, ***the `fundingFeePerUnitX18` for all the positions to be liquidated will be the same as the computed `fundingFeePerUnitX18` of the 1st liquidated position.***

- This is clearly wrong since each position can have a different size and a different MarkPrice, but, regardless of that, the `fundingFeePerUnitX18` would be the same for all the positions been liquidated.

- This ends up causing the funding fee to be paid/earn is wrong.

​

Let's see where exactly the problem occurs, this is the execution trace call:

`LiquidationBranch.liquidateAccounts()` => `TradingAccount.getAccountMarginRequirementUsdAndUnrealizedPnlUsd()` => `PerpetualMarket.getNextFundingFeePerUnit()`

​

- The nextFundingFeePerUnit is computed based on the current funding rate and the MarkPrice, which, the [currentFundingRate is computed](https://github.com/Cyfrin/2024-07-zaros/blob/main/src/perpetuals/leaves/PerpMarket.sol#L126-L130) based on the lastFundingRate, the currentFundingVelocity and the elapsedTimeSinceLastFunding.

- Here we encounter the first problem, **the fundingRate will be returned as the lastFundingRate, no matter the currentFundingVelocity.** ***The reason is that by multiplying currentFundingVelocity * elapsedTime, the result will be 0, because, elapsedTime is 0.***

​

function getCurrentFundingRate(Data storage self) internal view returns (SD59x18) {

}

​

function getProportionalElapsedSinceLastFunding(Data storage self) internal view returns (UD60x18) {

//@audit => When liquidating multiple account, the lastFundingTime of the 2nd and the rest of positions in the same market will be `block.timestamp`, so, this will return 0

}

​

- Now, [when computing the nextFeePerUnit](https://github.com/Cyfrin/2024-07-zaros/blob/main/src/perpetuals/leaves/PerpMarket.sol#L227-L237), we'll see why the value for the 2nd and rest of positions will be the same as the one computed for the first position.

- The nextFeePerUnit will be only the lastFundingFeePerUnit, because the pendingFeePerUnit will be computed as 0, for the same reason the funding rate is also computed as 0.

​

function getNextFundingFeePerUnit(

​

function getPendingFundingFeePerUnit(

​

​

​

​

Finally, now that we've seen the fundingFeePerUnit would be the same for all the positions, regardless of their size, let's see how the fundingFeePerUnit impacts the actual funding fee to pay/earn.

​

function getAccountMarginRequirementUsdAndUnrealizedPnlUsd(

)

{

​

​

​

​

​

​

​

}

​

I coded a PoC to demonstrate the problem about all accounts been liquidated using the same fundingFeePerUnit.

​

We'll need to add a couple of console.log statements to the `TradingAccount.sol` and `LiquidationBranch.sol` files, so we can see the exact values when the functions are called.

​

First, help me to add the next lines on the [`TradingAccount.sol`](https://github.com/Cyfrin/2024-07-zaros/blob/main/src/perpetuals/leaves/TradingAccount.sol) file:

+ import { console2 } from "forge-std/Test.sol";

​

library TradingAccount {

​

...

​

function getAccountUnrealizedPnlUsd(Data storage self) internal view returns (SD59x18 totalUnrealizedPnlUsdX18) {

​

​

​

+ console2.log("Data of MarketID: ", marketId);

+ console2.log("======> fundingFeePerUnitX18: ", fundingFeePerUnitX18.intoInt256());

​

}

​

...

​

function getAccountMarginRequirementUsdAndUnrealizedPnlUsd(

​

​

​

+ console2.log("Values while liquidating in Market ID: ", perpMarket.id);

+ console2.log("======> fundingFeePerUnit: ", fundingFeePerUnit.intoInt256());

​

​

}

​

​

Now, help me to add the next lines on the [`LiquidationBranch.sol`](https://github.com/Cyfrin/2024-07-zaros/blob/main/src/perpetuals/branches/LiquidationBranch.sol) file:

+ import { console2 } from "forge-std/Test.sol";

​

contract LiquidationBranch {

​

...

​

function liquidateAccounts(uint128[] calldata accountsIds) external {

​

+ console2.log(" Liquidation data of account: ", ctx.tradingAccountId);

​

​

...

}

​

​

Finally, let's add the below PoC to the [`liquidateAccounts.t.sol`](https://github.com/Cyfrin/2024-07-zaros/blob/main/test/integration/perpetuals/liquidation-branch/liquidateAccounts/liquidateAccounts.t.sol) test file:

​

// Make sure to add the console2 log dependency at the very top

import { console2 } from "forge-std/Test.sol";

​

contract LiquidateAccounts_Integration_Test is Base_Test {

...

​

//PoC

function test_sameFundingFeeForOperationOnSameBlockTimestampPoC()

{

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

}

​

}

​

Run the Poc with the command `forge test --match-test test_sameFundingFeeForOperationOnSameBlockTimestampPoC -vvv`, and let's analyze the output:

- As we can see, while the accounts are been liquidated, the fundingFeePerUnit of the two accounts is the same, regardless of the difference in the position size and the mark price.

===============================================

=========== Start of PoC Output ===============

===============================================

//@audit => Data before running the liquidation!

Data of MarketID: 3

//@audit => fundingFeePerUnit of account1 on Market3 will be the same fundingFeePerUnit for all the liquidated accounts

======> fundingFeePerUnitX18: -30419422517522

​

Data of MarketID: 5

//@audit => fundingFeePerUnit of account1 on Market5 will be the same fundingFeePerUnit for all the liquidated accounts

======> fundingFeePerUnitX18: -26240866280127

===============================================

//@audit => This is the fundingFeePerUnit that should be used when liquidating account2, but instead, it will use the fundingFeePerUnit of account1

​

Data of MarketID: 3

======> fundingFeePerUnitX18: -30419400850761

​

Data of MarketID: 5

======> fundingFeePerUnitX18: -26240866002832

===============================================

===============================================

//@audit => Data while liquidating the accounts

Values while liquidating in Market ID: 3

======> fundingFeePerUnit: -30419422517522

​

Values while liquidating in Market ID: 5

======> fundingFeePerUnit: -26240866280127

===============================================

Values while liquidating in Market ID: 3

//@audit => Same fundingFeePerUnit as the account1 in Market3 regardless of the difference in size and mark price

======> fundingFeePerUnit: -30419422517522

​

//@audit => Same fundingFeePerUnit as the account1 in Market5 regardless of the difference in size and mark price

Values while liquidating in Market ID: 5

======> fundingFeePerUnit: -26240866280127

===============================================

============ End of PoC Output ===============

===============================================

​

​

The funding fee of the liquidated accounts starting from the 2nd one will be computed wrong because the fundingFeePerUnit that will be used is not the actual value for each position, instead, all the liquidations will use the fundingFeePerUnit that was computed for the first liquidated position.

​

Manual Audit & Foundry

​

I'd recommend adding a conditional on the [`PerpetualMarket.getProportionalElapsedSinceLastFunding() function`](https://github.com/Cyfrin/2024-07-zaros/blob/main/src/perpetuals/leaves/PerpMarket.sol#L261-L265) to handle the case when the elapsed time is 0, and instead of returning 0, return a fixed constant that would allow the computation of pendingFundingFeePerUnit and currentFundingRate.

​

The idea is to have a mechanism that can allow to execute multiple operations on the same block.timestamp without that causing problems when computing values dependent on the elapsed time.

​

function getProportionalElapsedSinceLastFunding(Data storage self) internal view returns (UD60x18) {

+ if (block.timestamp == self.lastFundingTime) {

+ return a fixed value to allow the computation of pendingFundingFee and currentFundingRate.

+ }

​

}