Part 2

Zaros
Perpetuals DEX Foundry Solidity
70,000 USDC
Submission Details
Severity: medium
Valid

Missing recalculate in depositCreditForMarket

Summary

In the current implementation of depositCreditForMarket, there is a missing call to recalculateVaultsCreditCapacity. This omission results in stale values for totalDelegatedCreditUsd, leading to incorrect calculations of usdcCreditPerVaultShare. Since the vaults of a market can accumulate more or less delegated credit over time, failing to update totalDelegatedCreditUsd before using it introduces inaccuracies.

Vulnerability Details

Scenario:

  1. A user calls depositCreditForMarket with USDC as the deposit asset.

  2. The function attempts to calculate usdcCreditPerVaultShare based on totalDelegatedCreditUsd.

  3. However, totalDelegatedCreditUsd has not been updated—it may not reflect the latest state of the vaults.

  4. This results in an incorrect credit per share calculation, which can impact credit distribution logic.

Impact

  • Incorrect Credit Accounting: Since usdcCreditPerVaultShare relies on totalDelegatedCreditUsd, using stale values can distort credit distribution across vaults.

  • Potential Financial Imbalance: Some vaults may receive more or less credit than they should.
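
The stale-total effect from the scenario above, as an added Python model that is not part of the original submission or the Zaros codebase. It assumes the accumulator grows by deposit / totalDelegatedCreditUsd and that vaults are credited by their live delegated credit; the class names, the settle step and all numbers are constructed.

```python
from dataclasses import dataclass

WAD = 10**18  # 18-decimal fixed point


@dataclass
class Vault:
    delegated_credit_usd: int       # live value, moves as delegation changes
    last_credit_per_share: int = 0  # accumulator value at last settlement
    claimable_usdc: int = 0


@dataclass
class Market:
    vaults: list
    total_delegated_credit_usd: int = 0   # cached total, refreshed only by recalculate()
    usdc_credit_per_vault_share: int = 0  # WAD-scaled accumulator

    def recalculate(self):
        # Stand-in for recalculateVaultsCreditCapacity: refresh the cached total.
        self.total_delegated_credit_usd = sum(v.delegated_credit_usd for v in self.vaults)

    def deposit_credit(self, usdc_amount, recalc_first):
        if usdc_amount == 0:
            raise ValueError("amount")
        if recalc_first:
            self.recalculate()
        # Assumed update rule: deposit divided by the cached total.
        self.usdc_credit_per_vault_share += usdc_amount * WAD // self.total_delegated_credit_usd

    def settle(self):
        # Credit each vault by its live delegated credit; return total USDC handed out.
        for v in self.vaults:
            delta = self.usdc_credit_per_vault_share - v.last_credit_per_share
            v.claimable_usdc += v.delegated_credit_usd * delta // WAD
            v.last_credit_per_share = self.usdc_credit_per_vault_share
        return sum(v.claimable_usdc for v in self.vaults)


def distributed_usdc(recalc_first, vault_b_credit_now):
    """Deposit 100 USDC after vault B's credit moved away from the cached 400."""
    a, b = Vault(600 * WAD), Vault(400 * WAD)
    market = Market([a, b])
    market.recalculate()                               # cache = 1000
    b.delegated_credit_usd = vault_b_credit_now * WAD  # cache is now stale
    market.deposit_credit(100 * WAD, recalc_first)
    return market.settle() // WAD
```

In this model a 100 USDC deposit is credited as 200 when delegation grew behind the cache and as 80 when it shrank; recalculating first credits exactly 100 in both cases.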

Tools Used

Manual review

Recommendations

To ensure totalDelegatedCreditUsd is up to date before computing usdcCreditPerVaultShare, insert a call to Vault.recalculateVaultsCreditCapacity() at the beginning of depositCreditForMarket:

function depositCreditForMarket(
uint128 marketId,
address collateralAddr,
uint256 amount
)
external
onlyRegisteredEngine(marketId)
{
if (amount == 0) revert Errors.ZeroInput("amount");
+. Vault.recalculateVaultsCreditCapacity(Market.loadLive(marketId).getConnectedVaultsIds());
// loads the collateral's data storage pointer, must be enabled
Collateral.Data storage collateral = Collateral.load(collateralAddr);
collateral.verifyIsEnabled();
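
Review bot: the added line is marked "+." instead of "+", and with that stray period it neither applies as a diff nor compiles as Solidity; it should read "+ Vault.recalculateVaultsCreditCapacity(Market.loadLive(marketId).getConnectedVaultsIds());". The call is also placed after the zero-amount check rather than as the first statement, which is harmless on the reverting path but differs from "at the beginning" in the recommendation text. The snippet stops before the usdcCreditPerVaultShare computation, so the rest of the function should be shown to confirm the recalculation precedes every read of totalDelegatedCreditUsd.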

This change ensures that totalDelegatedCreditUsd always reflects the latest vault state, preventing incorrect credit calculations.

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Credit capacity calculation uses stale total assets in VaultRouterBranch::deposit by updating before the actual deposit, causing DOS in depositCreditForMarket
