Part 2

Zaros
Perpetuals DEX, Foundry, Solidity
70,000 USDC
Submission Details
Severity: high
Invalid

The debt calculation depends on the order of the vaults

Summary

The current implementation of recalculateVaultsCreditCapacity iterates through all vaults of a market to calculate their respective debt shares. However, the totalDelegatedCreditUsd value used in these calculations is updated at the end of each iteration. Each subsequent vault therefore computes its share against an altered totalDelegatedCreditUsd value, leading to inconsistencies in debt distribution.

Vulnerability Details

Consider the following scenario:

  1. Market A contains 5 Vaults.

  2. Initially, totalDelegatedCreditUsd for Market A is 100.

  3. After processing the first vault, totalDelegatedCreditUsd is updated (e.g., increasing by 5).

  4. The next vault's getVaultAccumulatedValues function now computes its share based on this new, altered totalDelegatedCreditUsd value, leading to incorrect calculations.

  5. This process repeats for the remaining vaults, compounding the inconsistency across all vaults in the market.

Impact

  • Inconsistent and incorrect debt share calculations among vaults.

  • Potential financial imbalances due to inaccurate credit capacity distribution.

  • Possible exploitation opportunities if an attacker can manipulate the vault processing order.

Tools Used

  • Manual code review

Recommendations

  • Compute and store the initial totalDelegatedCreditUsd value before iterating through the vaults.

  • Ensure each vault's debt share is calculated using a consistent reference value instead of an evolving one.

  • Consider implementing a temporary snapshot of totalDelegatedCreditUsd at the beginning of the iteration cycle to avoid mid-cycle alterations.
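To make the difference between the two computations concrete, the following Python illustration is added here; it is not Zaros code and makes no claim about the actual recalculateVaultsCreditCapacity implementation (the judge marked this submission invalid). The vault names, the equal credit values, the starting total of 100 and the per-iteration increase of 5 are constructed to match the scenario above; debt_shares and shares_depend_on_order are hypothetical helper names.

```python
from fractions import Fraction
from typing import Dict, Tuple

# Constructed sample: five vaults delegating equal credit to one market.
# Hypothetical values chosen to mirror the scenario in the report, not Zaros data.
VAULT_CREDIT_USD: Dict[str, int] = {f"vault{i}": 20 for i in range(1, 6)}
INITIAL_TOTAL_DELEGATED_CREDIT_USD = 100
# Change applied to the running total after each vault ("increasing by 5").
CREDIT_DELTA_PER_VAULT = 5


def debt_shares(
    vault_credit: Dict[str, int],
    total_delegated: int,
    delta_per_vault: int,
    snapshot: bool,
) -> Tuple[Dict[str, Fraction], int]:
    """Compute each vault's share of market debt.

    snapshot=False: the denominator is re-read after every vault, so the
    share of vault N depends on how many vaults were processed before it.
    snapshot=True: the denominator is captured once before the loop, which
    is the fix the recommendations describe.
    Returns (shares, final running total).
    """
    running_total = total_delegated
    reference = total_delegated  # snapshot taken before iterating
    shares: Dict[str, Fraction] = {}
    for name, credit in vault_credit.items():
        denominator = reference if snapshot else running_total
        shares[name] = Fraction(credit, denominator)
        running_total += delta_per_vault  # state mutated at end of iteration
    return shares, running_total


def share_sum(shares: Dict[str, Fraction]) -> Fraction:
    """Sum of all shares; a consistent distribution sums to exactly 1."""
    return sum(shares.values(), Fraction(0))


def shares_depend_on_order(
    vault_credit: Dict[str, int],
    total_delegated: int,
    delta_per_vault: int,
    snapshot: bool,
) -> bool:
    """True if processing the vaults in reverse order changes any vault's share."""
    forward, _ = debt_shares(vault_credit, total_delegated, delta_per_vault, snapshot)
    reversed_input = dict(reversed(list(vault_credit.items())))
    backward, _ = debt_shares(reversed_input, total_delegated, delta_per_vault, snapshot)
    return any(forward[name] != backward[name] for name in vault_credit)


def main() -> None:
    for snapshot in (False, True):
        shares, final_total = debt_shares(
            VAULT_CREDIT_USD, INITIAL_TOTAL_DELEGATED_CREDIT_USD, CREDIT_DELTA_PER_VAULT, snapshot
        )
        label = "snapshot" if snapshot else "evolving"
        print(f"[{label}] shares={ {k: str(v) for k, v in shares.items()} }")
        print(f"[{label}] sum={share_sum(shares)} final_total={final_total} "
              f"order_dependent={shares_depend_on_order(VAULT_CREDIT_USD, INITIAL_TOTAL_DELEGATED_CREDIT_USD, CREDIT_DELTA_PER_VAULT, snapshot)}")


if __name__ == "__main__":
    main()
```

With the evolving denominator, the five equal vaults receive 20/100, 20/105, 20/110, 20/115 and 20/120, which neither sum to 1 nor survive a change of iteration order; with the snapshot every vault receives 1/5 regardless of order. Fraction is used so the comparison is exact rather than subject to floating-point rounding.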

Updates

Lead Judging Commences

inallhonesty Lead Judge
7 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
