Zaros Part 1

Zaros

DeFiFoundry

60,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Broken relationship between market skew and open interest can lead to incorrect pricing

krisrenzo

Summary

There is inconsistency in the relationship between market skew and total open interest

Vulnerability Details

The skew to open interest relationship is an invariant for perpetual markets that should always hold for the correct functioning of the market. On Zaros, skew is calculated as the sum of the total long open interest and total short open interest (with the negative sign). Maintaining this relationship is critical because the skew is how the protocol keeps the derivative price close to the underlying assets price (index price).
When we compare the value of the skew to the sum of long and short open interest, we see that they are not always equal.\

See the PoC

Proof of Code

The proof of code below shows the exploit in action.

How to run the PoC

Create a new test file named BugPoC.t.sol in test/ folder of the contest repo
Copy the code below and paste in the file.
Run the commands above the test functions in your CLI to run the test.

// SPDX-License-Identifier: UNLICENSED

pragma solidity 0.8.25;

// Zaros dependencies

import { Base_Test } from "test/Base.t.sol";

import { Errors } from "@zaros/utils/Errors.sol";

import { ERC20, IERC20 } from "@openzeppelin/token/ERC20/ERC20.sol";

import {console2} from "forge-std/console2.sol";

import { MockERC20 } from "test/mocks/MockERC20.sol";

import { MockPriceFeed } from "test/mocks/MockPriceFeed.sol";

import { Users, User, MockPriceAdapters } from "test/utils/Types.sol";

import { UpgradeBranch } from "@zaros/tree-proxy/branches/UpgradeBranch.sol";

import { LookupBranch } from "@zaros/tree-proxy/branches/LookupBranch.sol";

import { GlobalConfigurationBranch } from "@zaros/perpetuals/branches/GlobalConfigurationBranch.sol";

import { LiquidationBranch } from "@zaros/perpetuals/branches/LiquidationBranch.sol";

import { OrderBranch } from "@zaros/perpetuals/branches/OrderBranch.sol";

import { PerpMarketBranch } from "@zaros/perpetuals/branches/PerpMarketBranch.sol";

import { TradingAccountBranch } from "@zaros/perpetuals/branches/TradingAccountBranch.sol";

import { SettlementBranch } from "@zaros/perpetuals/branches/SettlementBranch.sol";

import { MarginCollateralConfiguration } from "@zaros/perpetuals/leaves/MarginCollateralConfiguration.sol";

import { Position } from "@zaros/perpetuals/leaves/Position.sol";

import { MarketOrder } from "@zaros/perpetuals/leaves/MarketOrder.sol";

import { SettlementConfiguration } from "@zaros/perpetuals/leaves/SettlementConfiguration.sol";

import { TradingAccountBranchTestnet } from "testnet/branches/TradingAccountBranchTestnet.sol";

import { GlobalConfigurationHarness } from "test/harnesses/perpetuals/leaves/GlobalConfigurationHarness.sol";

import { MarginCollateralConfigurationHarness } from "test/harnesses/perpetuals/leaves/MarginCollateralConfigurationHarness.sol";

import { MarketConfigurationHarness } from "test/harnesses/perpetuals/leaves/MarketConfigurationHarness.sol";

import { MarketOrderHarness } from "test/harnesses/perpetuals/leaves/MarketOrderHarness.sol";

import { PerpMarketHarness } from "test/harnesses/perpetuals/leaves/PerpMarketHarness.sol";

import { PositionHarness } from "test/harnesses/perpetuals/leaves/PositionHarness.sol";

import { SettlementConfigurationHarness } from "test/harnesses/perpetuals/leaves/SettlementConfigurationHarness.sol";

import { TradingAccountHarness } from "test/harnesses/perpetuals/leaves/TradingAccountHarness.sol";

import {LiquidationKeeper} from "@zaros/external/chainlink/keepers/liquidation/LiquidationKeeper.sol";

import {MarketOrderKeeper} from "@zaros/external/chainlink/keepers/market-order/MarketOrderKeeper.sol";

// PRB Math dependencies

import { UD60x18, ud60x18, ZERO as UD60x18_ZERO, convert as ud60x18Convert } from "@prb-math/UD60x18.sol";

import {SD59x18,sd59x18, unary, UNIT as SD_UNIT, ZERO as SD59x18_ZERO, convert as sd59x18Convert} from "@prb-math/SD59x18.sol";

contract BugPoC is Base_Test {

///////////// SETUP //////////////

address[] internal USERS;

MockERC20[] internal EXTERNAL_TOKENS;

address internal BOB;

address internal ALICE;

address internal defaultUser; // defaultUser

address USDC;

address wBTC;

address weETH;

uint256 internal constant INITIAL_USDC_BALANCE = 1_000_000;

uint256 internal constant INITIAL_WEETH_BALANCE = 100_000;

uint256 internal constant INITIAL_WBTC_BALANCE = 10_000;

MockPriceFeed btcPriceFeed;

MockPriceFeed ethPriceFeed;

function setUp() public override {

Base_Test.setUp();

changePrank({ msgSender: users.owner.account });

configureSystemParameters();

createPerpMarkets();

EXTERNAL_TOKENS = new MockERC20[](3);

EXTERNAL_TOKENS[0] = usdc;

EXTERNAL_TOKENS[1] = weEth;

EXTERNAL_TOKENS[2] = wBtc;

USDC = address(usdc);

wBTC = address(wBtc);

weETH = address(weEth);

btcPriceFeed = MockPriceFeed(marketsConfig[1].priceAdapter);

ethPriceFeed = MockPriceFeed(marketsConfig[2].priceAdapter);

BOB = users.naruto.account;

ALICE = users.sasuke.account;

USERS = new address[](2);

USERS[0] = BOB;

USERS[1] = ALICE;

_topUpUsers();

vm.stopPrank();

}

function _topUpUsers() internal {

address user;

for (uint8 i = 0; i < USERS.length; i++) {

user = USERS[i];

EXTERNAL_TOKENS[0].mint(user, INITIAL_USDC_BALANCE * (10 ** EXTERNAL_TOKENS[0].decimals()));

EXTERNAL_TOKENS[1].mint(user, INITIAL_WEETH_BALANCE * (10 ** EXTERNAL_TOKENS[0].decimals()));

EXTERNAL_TOKENS[2].mint(user, INITIAL_WBTC_BALANCE * (10 ** EXTERNAL_TOKENS[0].decimals()));

}

function clampBetween(

uint256 value,

uint256 low,

uint256 high

) internal pure returns (uint256) {

if (value < low || value > high) {

uint ans = low + (value % (high - low + 1));

return ans;

}

return value;

}

modifier updateMockPriceFeedBtcEth(uint256 _btcNewPrice, uint256 _ethNewPrice) {

uint256 btcNewPrice = clampBetween(_btcNewPrice, 10_000e18, 100_000e18);

uint256 ethNewPrice = clampBetween(_ethNewPrice, 500e18, 10_000e18);

updateMockPriceFeed(1, btcNewPrice);

updateMockPriceFeed(2, ethNewPrice);

}

function getPriceUint(MockPriceFeed priceFeed) internal view returns (uint256) {

(, int256 answer,,,) = priceFeed.latestRoundData();

return uint256(answer);

}

function performLiquidation(uint128 nextAccountId) internal {

LiquidationKeeper liquidationKeeper_ = LiquidationKeeper(liquidationKeeper);

uint256 checkLowerBound = 0;

uint256 checkUpperBound = uint256(nextAccountId);

uint256 performLowerBound = 0;

uint256 performUpperBound = checkUpperBound + 1;

if (checkUpperBound < 1) return;

bytes memory data = abi.encode(checkLowerBound, checkUpperBound, performLowerBound, performUpperBound);

(bool upkeepNeeded, bytes memory performData) = liquidationKeeper_.checkUpkeep(data);

if (upkeepNeeded) {

vm.startPrank(users.keepersForwarder.account);

liquidationKeeper_.performUpkeep(performData);

vm.stopPrank();

}

struct TestHelper {

uint256 oldBtcPrice;

uint256 oldEthPrice;

uint256 btcNewPrice;

uint256 ethNewPrice;

uint256 price;

bytes32 streamId;

uint256 priceBtcChange;

uint256 priceEthChange;

OrderBranch.CreateMarketOrderParams params;

}

function _performOrderExecution(uint256 marketId, uint128 tradingAccountId, bool isIncrease) internal {

TestHelper memory helper;

helper.oldBtcPrice = getPriceUint(btcPriceFeed);

helper.oldEthPrice = getPriceUint(ethPriceFeed);

helper.btcNewPrice;

helper.ethNewPrice;

helper.price;

helper.streamId = marketsConfig[marketId].streamId;

helper.priceBtcChange = helper.oldBtcPrice % 100e18;

helper.priceEthChange = helper.oldEthPrice % 10e18;

if(isIncrease) {

helper.btcNewPrice = helper.oldBtcPrice + helper.priceBtcChange;

helper.ethNewPrice = helper.oldEthPrice + helper.priceEthChange;

} else {

helper.btcNewPrice = helper.oldBtcPrice - helper.priceBtcChange;

helper.ethNewPrice = helper.oldEthPrice - helper.priceEthChange;

}

btcPriceFeed.updateMockPrice(helper.btcNewPrice);

ethPriceFeed.updateMockPrice(helper.ethNewPrice);

address marketOrderKeeper_ = marketOrderKeepers[marketId];

MarketOrderKeeper marketOrderKeeper = MarketOrderKeeper(marketOrderKeeper_);

if (marketId == 1) {

helper.price = getPriceUint(btcPriceFeed);

} else {

helper.price = getPriceUint(ethPriceFeed);

}

bytes memory mockSignedReport = getMockedSignedReport(helper.streamId, helper.price);

vm.startPrank(users.owner.account);

marketOrderKeeper.setForwarder(users.keepersForwarder.account);

vm.stopPrank();

bytes memory performData = abi.encode(mockSignedReport, abi.encode(tradingAccountId));

vm.startPrank(users.keepersForwarder.account);

marketOrderKeeper.performUpkeep(performData);

vm.stopPrank();

}

function tradingAccountBranch_createTradingAccount(

uint256 _btcNewPrice,

uint256 _ethNewPrice

) public updateMockPriceFeedBtcEth(_btcNewPrice, _ethNewPrice) returns(uint128 _tradingAccountId){

return perpsEngine.createTradingAccount(bytes(""), false) ;

}

/// depositMargin

function tradingAccountBranch_depositMargin(

uint128 _tradingAccountId,

address collateralType,

uint256 _amount,

uint256 _btcNewPrice,

uint256 _ethNewPrice

) public updateMockPriceFeedBtcEth(_btcNewPrice, _ethNewPrice) {

perpsEngine.depositMargin(_tradingAccountId, collateralType, _amount);

}

/// withdrawMargin

function tradingAccountBranch_withdrawMargin(

uint128 _tradingAccountId,

address collateralType,

uint256 _amount,

uint256 _btcNewPrice,

uint256 _ethNewPrice

) public updateMockPriceFeedBtcEth(_btcNewPrice, _ethNewPrice) {

perpsEngine.withdrawMargin(_tradingAccountId, collateralType, _amount);

}

/// createMarketOrder

function orderBranch_createMarketOrder(

uint128 _tradingAccountId,

bool _buyBtc,

int128 sizeDelta,

bool isIncrease,

uint256 _btcNewPrice,

uint256 _ethNewPrice

) public updateMockPriceFeedBtcEth(_btcNewPrice, _ethNewPrice) {

TestHelper memory helper;

helper.params.tradingAccountId = _tradingAccountId;

helper.params.marketId = _buyBtc ? 1 : 2;

helper.params.sizeDelta = sizeDelta;

perpsEngine.createMarketOrder(helper.params);

_performOrderExecution(helper.params.marketId, helper.params.tradingAccountId, isIncrease);

}

///////////// TEST //////////////

//////////////// Test position margin requirement ////////////////

// forge test --match-test "testSkewInvariant" -vvv

function testSkewInvariant() public {

vm.startPrank(BOB);

tradingAccountBranch_createTradingAccount(0,0);

console2.log("crytic_sumOfTotalLongAndShortOpenInterestShouldEqualMarketSkew 1: ", sumOfTotalLongAndShortOpenInterestShouldEqualMarketSkew(1));

vm.startPrank(BOB);

tradingAccountBranch_depositMargin(1,USDC,2328613,0,0);

console2.log("crytic_sumOfTotalLongAndShortOpenInterestShouldEqualMarketSkew 2: ", sumOfTotalLongAndShortOpenInterestShouldEqualMarketSkew(1));

vm.startPrank(BOB);

orderBranch_createMarketOrder(1,false,50411173407651407,false,7893196966583974663776,0);

console2.log("crytic_sumOfTotalLongAndShortOpenInterestShouldEqualMarketSkew 3: ", sumOfTotalLongAndShortOpenInterestShouldEqualMarketSkew(1));

assertTrue(sumOfTotalLongAndShortOpenInterestShouldEqualMarketSkew(1), "skew is incorrectly updated");

}

// sum of total long and short open interest should == market skew

function sumOfTotalLongAndShortOpenInterestShouldEqualMarketSkew(uint256 nextAccountId) internal returns (bool) {

uint128 maxTradingAccountId = uint128(nextAccountId);

uint128 activeMarketsIdsLength;

uint128 activeMarketId;

UD60x18 longsOpenInterest;

UD60x18 shortsOpenInterest;

SD59x18 longsOpenInterest_SD59x18;

SD59x18 shortsOpenInterest_SD59x18;

SD59x18 currentSkew;

// iterate through all the trading accounts

for(uint128 i = 1; i <= maxTradingAccountId; i++) {

activeMarketsIdsLength = uint128(perpsEngine.workaround_getActiveMarketsIdsLength(i));

// for each trading account, iterate through all the active markets

// this is to ensure that every market users are participated in are assessed

for(uint128 j = 0; j < activeMarketsIdsLength; j++) {

// trader is active in this market

activeMarketId = perpsEngine.workaround_getActiveMarketId(i, j);

// get the current skew

currentSkew = perpsEngine.getSkew(activeMarketId);

// both OI are returned as UD60x18 which are then converted to SD59x18 to match current skew

(longsOpenInterest, shortsOpenInterest, ) = perpsEngine.getOpenInterest(activeMarketId);

longsOpenInterest_SD59x18 = longsOpenInterest.intoSD59x18();

shortsOpenInterest_SD59x18 = shortsOpenInterest.intoSD59x18();

// note that shortsOpenInterest_SD59x18 is negative, but was returned as positive, so we need to negate it

if (currentSkew != longsOpenInterest_SD59x18 - shortsOpenInterest_SD59x18) {

return false;

}

return true;

}

Impact

The pricing mechanism of the protocol will be inaccurate, and it gets worse as the market grows.

Tools Used

Foundry

Recommendations

Review the implementation of skew and open interest

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago

Submission Judgement Published

Invalidated

Reason: Too generic

Appeal created

krisrenzo Submitter

10 months ago

inallhonesty Lead Judge

10 months ago

inallhonesty Lead Judge 10 months ago

Submission Judgement Published

Invalidated

Reason: Too generic

Prize pool breakdown

Total prize

60,000 USDC

nSLOC

2,878

21 USDC / LOC

High Medium

50,000 USDC

Low

5,500 USDC

Judges

4,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.