`getAutoDeleverageFactor` Can Revert Wrongfully
Summary
In Market the function getAutoDeleverageFactor will revert instead of returning UD60x18_UNIT if autoDeleverageStartThresholdX18 and autoDeleverageEndThresholdX18 are equal.
Vulnerability Details
In Market the function getAutoDeleverageFactor will revert instead of returning UD60x18_UNIT if autoDeleverageStartThresholdX18 and autoDeleverageEndThresholdX18 are equal.
The auto deleverage factor is the y coordinate of the following polynomial regression curve:
x and y in [0, 1] ∈ R
y = x^z
z = Market.Data.autoDeleverageExponentZ
x = (Math.min(marketDebtRatio, autoDeleverageEndThreshold) - autoDeleverageStartThreshold) / (autoDeleverageEndThreshold - autoDeleverageStartThreshold)
When the start threshold and the end threshold are equal it will mean that the auto deleverage factor is basically disabled (which is a valid input). However, it will revert due to division by 0 here:
Impact
DoS in CreditDelegationBranch::withdrawUsdTokenFromMarket and CreditDelegationBranch::getAdjustedProfitForMarketId if auto deleverage is triggered which will call Market::getAutoDeleverageFactor.
Tools Used
Manual Review
Recommendations
Return UD60x18_UNIT if autoDeleverageStartThresholdX18 and autoDeleverageEndThresholdX18 are equal.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.