The current implementation of createOffer() only checks the collateralRate against a constant scaler, without considering the size of the offer (represented by points and amount). This could lead to under-collateralized offers for large transactions or unnecessarily high collateral for small transactions.
The createOffer() function currently checks the collateralRate against a constant scaler:
The collateral rate is typically used to ensure that the offer is sufficiently backed by assets to protect against potential defaults or market fluctuations.
The points in the offer represent the quantity being offered for sale or purchase. The collateral should be proportional to this amount to properly secure the transaction.
There is a significant design flaw in the current implementation. The collateralRate should be checked not just against a constant scaler, but also in relation to the points being offered.
The current implementation could lead to systemic risk in the protocol, allowing for under-collateralized positions.
Manual review
Implement a two-part check for the collateral rate:
1. Ensure it meets a minimum threshold (current implementation).
2. Validate that it's sufficient relative to the offer size.
Consider implementing a dynamic collateral rate that scales with the offer size for optimal security and efficiency.
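One way the two-part check could look, as an added sketch that is not the audited project's code. The library name, the scale (10_000 = 100%), the tier constants and the error names are all assumptions chosen for illustration, and offer size is measured here by `amount` alone.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical helper illustrating the recommendation; every name and value is assumed.
library CollateralRateCheck {
    // Assumed fixed-point scale: 10_000 means 100% collateral.
    uint256 internal constant RATE_SCALER = 10_000;
    // Assumed policy: each full SIZE_STEP of offer amount raises the required rate by RATE_STEP.
    uint256 internal constant SIZE_STEP = 100_000 * 1e18;
    uint256 internal constant RATE_STEP = 500; // +5% per step
    uint256 internal constant MAX_REQUIRED_RATE = 20_000; // required rate is capped at 200%

    error CollateralRateBelowFloor(uint256 rate, uint256 floor);
    error CollateralRateTooLowForSize(uint256 rate, uint256 required);

    /// Minimum acceptable collateral rate for an offer of the given amount.
    function requiredRate(uint256 amount) internal pure returns (uint256) {
        uint256 steps = amount / SIZE_STEP;
        // Clamp the step count first so the multiplication below cannot overflow
        // and the result never exceeds MAX_REQUIRED_RATE.
        uint256 maxSteps = (MAX_REQUIRED_RATE - RATE_SCALER) / RATE_STEP;
        if (steps > maxSteps) {
            steps = maxSteps;
        }
        return RATE_SCALER + steps * RATE_STEP;
    }

    /// Reverts unless the rate passes both parts of the check.
    function validate(uint256 collateralRate, uint256 amount) internal pure {
        // Part 1: the existing constant floor, kept separate so callers get a distinct error.
        if (collateralRate < RATE_SCALER) {
            revert CollateralRateBelowFloor(collateralRate, RATE_SCALER);
        }
        // Part 2: the floor that grows with the size of the offer.
        uint256 required = requiredRate(amount);
        if (collateralRate < required) {
            revert CollateralRateTooLowForSize(collateralRate, required);
        }
    }
}
```

A tier keyed on a single offer's size can be sidestepped by splitting one large offer into several small ones, so a production version would more likely key the requirement on a maker's aggregate open exposure.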