Part 2

Summary

The depositCreditForMarket function lacks proper validation to prevent deposits into markets that are being delisted or are in a disabled state. This oversight violates the intended business logic, which requires markets to be disabled before delisting to prevent users from depositing collateral into inactive markets. This vulnerability could lead to inconsistent system states, financial losses, and reputational damage to the protocol.

Vulnerability Details

The vulnerability is present in the depositCreditForMarket function, specifically in the market validation logic.

The function currently checks if the market is live and has delegated credit but does not validate whether the market is in the process of being delisted or is disabled. According to the protocol's business logic:

1. Markets must be disabled before they can be delisted.

2. Deposits should not be allowed into disabled or delisted markets.

However, the function does not enforce these rules, allowing deposits to be processed even when a market is being delisted or is in a disabled state. This can lead to:

• Deposits into inactive markets, causing inconsistencies in the system.

• Violation of the protocol's intended behavior, where users should not be able to deposit collateral into markets that are no longer operational.

Exploit Scenario

1. A market is scheduled for delisting and is disabled by the registered Engine.

2. Before the market is fully delisted, a user deposits collateral into the market.

3. The deposit is processed successfully, even though the market is no longer operational.

4. The collateral is locked in an inactive market, leading to potential financial losses for the user and inconsistencies in the protocol's accounting.

Impact

• Users may deposit collateral into markets that are no longer operational, leading to locked funds and potential losses.

Tools Used

• Manual code review.

Recommendations

Implement explicit checks to ensure that deposits are not allowed into disabled or delisted markets: