Lack of Slippage mechanism between market order creation and filling
Summary
MarketOrders lack a slippage mechanism, which would protect users from massive price movements between order creation and order being filled.
Vulnerability Details
Users create market orders to open positions or alter existing market positions through OrderBranch.createMarketOrder. These orders can then be filled by the keepers.
However, there can be a time delay between when order is created and when it is filled which can be up to 5-10minutes. Note that this may be less time than the user can cancel the order as there is a time limit placed on pending orders checked through marketOrder.checkPendingOrder
During this time, it is possible for there to be a significant shift in the market markPrice. This can due to an attack or normal market conditions. The current markPrice at the time of filling is what is used to match the order and alter the position, which can be different from what the user originally expected.
Generally, in such scenarios protocols should provide a range which the user is comfortable with and skip filling if it falls out of that range. In this case however, users have no protection to random market movements.
Impact
Users have no protection against massive price movements as their orders are filled at current market markPrice which may be drastically different from the markPrice when the user created their order.
Tools Used
Manual Review
Recommendations
Implement a slippage mechanism in marketOrders to protect users
Lead Judging Commences
fillMarketOrder lacks slippage protection
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.