The createOffer and listOffer functions allow a collateralRate of exactly 100%, contrary to the protocol's expectation that it be strictly greater than 100%. This discrepancy removes the safety buffer needed for volatile assets like cryptocurrencies, potentially exposing users and the protocol to financial risk and insufficient collateral coverage.
The collateralRate parameter is designed to ensure that sufficient collateral is deposited to back an offer. According to the comment in the code:
The intention is that the collateralRate should be greater than 100%, providing a buffer to cover the volatility of crypto assets. However, the current implementation allows the collateralRate to be exactly 100%, which does not align with the intended security measures.
In both functions, the check for collateralRate only ensures that it is not less than 100% but does not prevent it from being exactly 100%. This fails to provide the necessary buffer for assets that are volatile.
Financial Risk to Users: A collateralRate of exactly 100% might result in not enough collateral to cover potential losses, especially with volatile assets. This lack of buffer can lead to financial losses for users in case of defaults.
Protocol Security: The protocol aims to have a buffer to handle volatility, but a collateralRate of 100% fails to provide this, undermining the intended security.
Potential for Exploitation: Insufficient collateral can be exploited by malicious actors, potentially compromising the protocol’s integrity and causing financial harm to other users.
VSCode
Adjust the check in the createOffer and listOffer functions to ensure that the collateralRate is strictly greater than 100%. This adjustment will ensure that users are required to deposit more collateral than the value of the offer, providing a necessary buffer.
Additionally, consider adjusting the collateral rate for crypto assets. For stablecoins, a collateral rate slightly above 100% might suffice. However, for volatile crypto assets, it is advisable to set a higher collateral rate, such as 150%, to account for price fluctuations and ensure adequate coverage.
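The strict check and the per-asset floors recommended above, as an added Solidity example that is not the audited project's code. The contract and function names, the 10_000 = 100% scale, the 101% and 150% floor values, and the price-drop model in shortfallAfterDrop are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the audited project's code. All names are hypothetical.
contract CollateralRateExample {
    uint256 public constant RATE_SCALE = 10_000;        // assumed scale: 10_000 == 100%
    uint256 public constant MIN_RATE_STABLE = 10_100;   // assumed floor: 101%
    uint256 public constant MIN_RATE_VOLATILE = 15_000; // assumed floor: 150%

    error InvalidCollateralRate(uint256 rate, uint256 minimum);
    error InvalidDrop(uint256 dropBps);

    // Check as the finding describes it: rejects < 100%, accepts exactly 100%.
    function checkAsReported(uint256 rate) public pure {
        if (rate < RATE_SCALE) revert InvalidCollateralRate(rate, RATE_SCALE);
    }

    // Recommended check: exactly 100% is rejected as well.
    function checkStrict(uint256 rate) public pure {
        if (rate <= RATE_SCALE) revert InvalidCollateralRate(rate, RATE_SCALE + 1);
    }

    // Per-asset-class floor. Both floors exceed RATE_SCALE, so this implies checkStrict.
    function checkWithFloor(uint256 rate, bool isStable) public pure {
        uint256 floor = isStable ? MIN_RATE_STABLE : MIN_RATE_VOLATILE;
        if (rate < floor) revert InvalidCollateralRate(rate, floor);
    }

    // Collateral to deposit for an offer, rounded up so truncation never erodes the buffer.
    function requiredCollateral(uint256 offerValue, uint256 rate) public pure returns (uint256) {
        return (offerValue * rate + RATE_SCALE - 1) / RATE_SCALE;
    }

    // Uncovered part of the offer if the collateral loses dropBps of its value
    // (assumed model: the offer value stays fixed and only the collateral is repriced).
    function shortfallAfterDrop(uint256 offerValue, uint256 rate, uint256 dropBps)
        public pure returns (uint256)
    {
        if (dropBps > RATE_SCALE) revert InvalidDrop(dropBps);
        uint256 remaining = requiredCollateral(offerValue, rate) * (RATE_SCALE - dropBps) / RATE_SCALE;
        return remaining >= offerValue ? 0 : offerValue - remaining;
    }
}
```

Under this model, a rate of exactly 100% leaves a shortfall for any nonzero price drop, while a 150% rate absorbs drops of up to one third of the collateral's value.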
Similar to issue #1323. Despite this off-by-one error of the intended check, the difference between 99% and 100% is minimal, so I believe whether or not 100% is allowed has minimal impact. Ultimately, takers should not be realistically creating offers with such tradeTax.