`intermediateGradientStates` is setting wrong in the function `QuantAMMGradientBasedRule::_calculateQuantAMMGradient`.
Summary
The QuantAMMGradientBasedRule::_calculateQuantAMMGradient function calculates the new weights using the price gradients. However, the calculated weights are being set at the wrong indexes in the state variable.
Vulnerability Details
Here, the i variable iterates with i = i + 2, causing one index to be skipped each time. As a result, the weights are stored incorrectly in the array, resulting in a pattern like this: [w1, 0, w2, 0, w3, 0, w4]. This is incorrect, and the wrong values are being updated in the state variable intermediateGradientStates.
Impact
The incorrect assignment of values in the state variable leads to inaccurate calculations, which can result in losses for both the protocol and its users.
Tools Used
Manual Review
Recommendations
To fix this issue, ensure the correct index is used for setting values in the intermediateGradientStates array. Use a separate storage index to avoid skipping array elements.
Suggested Fix
Explanation of Fix
Replace the direct use of
ias the index withlocals.storageArrayIndex.
Lead Judging Commences
finding_gradient_rules_more_than_3_assets_and_1_lambda_will_DoS_the_update
Likelihood: Medium/High, assets>4, lambdas > 1. Impact: Medium/High, DoS update but pool works fine. Pool with 5 assets will use incorrect weights.
Appeal created
finding_gradient_rules_more_than_3_assets_and_1_lambda_will_DoS_the_update
Likelihood: Medium/High, assets>4, lambdas > 1. Impact: Medium/High, DoS update but pool works fine. Pool with 5 assets will use incorrect weights.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.