incorrect length check in `_setIntermediateVariance` will DOS manual setting of `intermediateVarianceStates` after pool initialization
Summary
The UpdateWeightRunner provides a function (setIntermediateValuesManually) that allows the QuantAMM admin to manually set the intermediate variables of a rule, asides from setting the initial intermediate variables on pool initialization , it can also be used as a break-glass feature to set/reset the intermediate variables of a rule if necessary.
The issue is that the length check in the function QuantAMMVarianceBasedRule::_setIntermediateVariance function is incorrect and will prevent usage of this feature
Vulnerability Details
In QuantAMMVarianceBasedRule::_setIntermediateVariance
The issue is that intermediateVarianceStates is a packed array with length = numberOfAssets/2 whereas initialValues is an array with length = numberOfAssets. This means that the function will always revert when storeLength is not 0(i.e. when pool is already initialized).
Impact
Medium - Break-glass feature, where the QuantAMM admin can manually set the intermediate variance if necessary, will be unusable
Tools Used
Manual Review
Recommendations
Lead Judging Commences
finding__setIntermediateVariance_unusable_length_stored_new_values_are_different
Likelihood: Medium, _setIntermediateVariance is used to correct values in case of problem. Impact: Low/Medium, First initialization will work but this function won’t be able to mitigate any future problem.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.