Balance Lookup in getMarginBalanceUsd() Leads to Potential Miscalculations
Summary
A potential bug exists in getMarginBalanceUsd() where balance values are used without explicitly retrieving them from EnumerableMap. This could lead to incorrect balance calculations, affecting margin requirements and risk management.
Vulnerability Details
The issue here is that the getMarginBalanceUsd() function uses balance without explicitly retrieving it from marginCollateralBalanceX18. The Root cause is that, to retrieve stored values from EnumerableMap is using .at(i), but the function does not ensure this step.
-
Exploit Scenario:
Alice has multiple collaterals stored in
marginCollateralBalanceX18.Bob places an order that triggers margin requirement checks.
Due to the incorrect retrieval of balance, Bob’s order may pass when it should have failed.
Alternatively, Alice could be incorrectly liquidated due to an incorrect margin calculation.
Impact
Users may be liquidated even if they meet margin requirements due to incorrect calculations
Tools Used
manual
Recommendations
Ensure correct balance retrieval in getMarginBalanceUsd()
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.