`QuantAMMGradientBasedRule` - Excessive Gradient Value Triggered by Small Lambda Usage
Title
QuantAMMGradientBasedRule - Excessive Gradient Value Triggered by Small Lambda Usage
Summary
In QuantAMMGradientBasedRule contract, small lambda values can generate excessively large gradient values. Without a minimum bound, these values can grow uncontrollably, potentially exploiting the pool through extreme weight spikes.
Vulnerability Details
We can identify the problem in several places in QuantAMMGradientBasedRule contract:
As demonstrated in the calculation above, locals.mulFactor can exceed 1e24 when lambda is as small as 1e12. With such small lambda values, the contract's mathematical formula excessively amplifies minor changes, leading to disproportionately large gradients.
Impact
The excessively large gradient values breach system constraints, which are expected to remain below 1e24, leading to extreme weight adjustments that disrupt pool rebalancing logic. This opens the door for MEV attackers, poses economic risks to liquidity providers, and undermines overall system stability.
Tools Used
Manual Review
Recommendations
Consider implementing a minimum bound for lambda values to prevent excessive gradient spikes.
Lead Judging Commences
Informational or Gas / Admin is trusted / Pool creation is trusted / User mistake / Suppositions
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.