Zaros Part 1

L-01 validatePositionsLimit can be bypassed through off-chain orders

The validatePositionsLimit check ensures that a users cannot go over a defined number of positions. However, this is only being checked for on-chain orders. A user can have the maximum number of positions and still add an unlimited amount of orders through off-chain orders.

Additional logic should be implemented to make sure an off-chain order also performs the validatePositionsLimit check and reverts if necessary.

L-02 removeCollateralFromLiquidationPriority has unaccounted side-effects

When a collateral is removed through the abovementioned function, and such a position is liquidated, the system does not include it in the deductAccountMargin call and does not collect any fees or resolve the PnL.
However, the position is cleared as if fees & PnL are collected.

This has several unwanted consequences:

• Since IsLiquidatable is calculated based on existing collateral and margins in active markets, the user could get called into liquidation on every check since the actual collateral and insufficient margin are still present.

• The user could collect the collateral (to which she does not have any right since she's liquidated) through withdrawMargin. Futhermore, the validateMarginRequirement check will always pass since the margin calculations are corrupted due to the clearing of the position.

The loss to the protocol would be the collateral that the user can unjustly witdraw, but since the protocol has explicitly removed it from its liquidation priority, I can only assume it has discarded any revenue from it.