Dria
Swan
NFTHardhat
21,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Missing Non-Null Check on marketParams in getRoundPhase() function used in Key Protocol Operational Functions

invcbull

Summary

In the getRoundPhase function of the BuyerAgent.sol contract, there is a potential usability issue if the marketParams array is empty. The function currently assumes that marketParams will always contain elements, and it does not check for an empty array before accessing it. If marketParams is empty, any call to getRoundPhase will revert, disrupting user experience and potentially leading to unexpected transaction failures. it will primarily impact user experience..

Vulnerability Details

Code Snippet of Concern:

function getRoundPhase() public view returns (uint256, Phase, uint256) {
SwanMarketParameters\[] memory marketParams = swan.getMarketParameters();
if (marketParams.length == marketParameterIdx + 1) {
return _computePhase(marketParams[marketParameterIdx], block.timestamp - createdAt);
} else {
uint256 idx = marketParameterIdx;
(uint256 round,,) = _computePhase(marketParams[idx], marketParams[idx + 1].timestamp - createdAt);
idx++;
while (idx < marketParams.length - 1) {
(uint256 innerRound,,) = _computePhase(marketParams[idx], marketParams[idx + 1].timestamp - marketParams[idx].timestamp);
round += innerRound + 1;
idx++;
}
(uint256 lastRound, Phase phase, uint256 timeRemaining) = _computePhase(marketParams[idx], block.timestamp - marketParams[idx].timestamp);
round += lastRound + 1;
return (round, phase, timeRemaining);
}
}

In the current implementation, if marketParams is empty, getRoundPhase will revert because it tries to access elements that do not exist. This lack of a null check can lead to unexpected transaction reverts, impacting user experience negatively, especially as getRoundPhase is commonly used within the key protocol’s operations in the list() and relist() function in the swan.sol contract, as a rest of this, If marketParams is empty when these functions are called, getRoundPhase will revert due to an out-of-bounds array access, causing any call to list or relist to fail unexpectedly.

Impact

This issue affects core functions and can cause disruptions in the following ways:

  1. As list and relist are critical functions for asset creation and re-listing, any failure due to missing marketParams would prevent users from performing these key actions: users interacting with functions that call getRoundPhase may experience unexpected reverts, especially if the marketParams array is temporarily empty due to timing or initialization issues. This can result in a poor user experience, as users may be uncertain why transactions fail.

  2. Frequent reverts due to unexpected issues with marketParams could lead users to question the reliability of the protocol, which may impact adoption and user satisfaction over time.

  3. If marketParams becomes empty during key operations, this could prevent users from interacting with the protocol as expected, potentially leading to a temporary service disruption.

Tools Used

Manual Review

Recommendations

Add a Non-Null Check for marketParams:

  • In the getRoundPhase function, include a check to ensure that marketParams is not empty. If marketParams.length == 0, return an error or revert with a meaningful message to indicate that market parameters are unavailable.

For example:

SwanMarketParameters[] memory marketParams = swan.getMarketParameters();
if (marketParams.length == 0) {
revert("Market parameters are not initialized.");
}

Adding this check will ultimately prevent unexpected reverts in list and relist if marketParams is not populated, improving the robustness and reliability of these critical operations.

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.