Part 2
Zaros
PerpetualsDEXFoundrySolidity
70,000 USDC
View results
Previous Next
Submission Details
Severity: high
Invalid

Excessive Slippage Due to Large Orders in Low Liquidity Markets

olami9783

Summary

Issue 1

The current implementation of fillMarketOrder function does not explicitly check liquidity before execution, making it vulnerable to economic exploit and market manipulation.

Why is this an Issue:

  • The function does not check if the market has enough liquidity to absorb the order before executing it.

  • The price calculation

ctx.fillPriceX18 = perpMarket.getMarkPrice(sd59x18(ctx.offchainOrder.sizeDelta), ctx.indexPriceX18);

relies on the market's mark price but doesn't enforce slippage limits.

Issue 2

No slippage protection for offchain orders

Why is this an Issue:

  • The fill price only checks if it meets the minimum acceptable threshold, but does not prevent excessive slippage.

  • An attacker can submits an offchain order at a bad price, manipulate liquidity, and then force it to execute at a worse price.

  • There is no enforcement mechanism for maximum slippage allowed, meaning a trader might unknowingly agree to an order that gets filled at a terrible price.

// check if the fill price is valid (doesn't breach the expected target price)
ctx.isFillPriceValid = (ctx.isBuyOrder && ctx.offchainOrder.targetPrice >= ctx.fillPriceX18.intoUint256())
|| (!ctx.isBuyOrder && ctx.offchainOrder.targetPrice <= ctx.fillPriceX18.intoUint256());
// we don't revert here because we want to continue filling other orders.
if (!ctx.isFillPriceValid) {
continue;
}

Vulnerability Details

Exploit Scenario

  1. Market Order Execution Without Slippage Protection:

  • A trader submits a large market order in a low liquidity market.

  • The contract executes the order without checking available liquidity, meaning the order consume all available market depth and gets filled at significantly worse prices than expected.

  • The trader suffers financial loss due to excessive slippage.

  1. Market Manipulation via Slippage Exploit:

  • An attacker places a series of small orders to manipulate the order book and reduce market liquidity.

  • The attacker then submits a large order that consumes the remaining liquidity, artificially moving the price.

  • A bot or another trader following the price triggers additional liquidations or price-dependent contracts (e.g., stop losses), allowing the attacker to profit from forced liquidations.

Impact

  • Lack of liquidity checks means that an order could consume all available liquidity, drastically moving the market price.

  • Malicious actors can manipulate prices by pushing slippage to their advantage, forcing bad trades or profiting from artificial price movements.

  • Traders executing large market orders may experience significant slippage leading to worse than expected execution prices

Tools Used

Manual Review

Recommendations

  1. Implement a slippage tolerance

  • Allow users to set a maximum allowed slippage percentage.

  • Reject order if they exceeds this threshold

  1. Check Liquidity Before Executing Large Orders

  • Ensure the order size does not exceed available liquidity

  • Use liquidity depth check to limit large orders based on available market depth

  1. Implement Dynamic Order Size Adjustment

  • Instead of executing orders in full, break large orders into smaller chunks.

  • If liquidity is low, automatically adjust order size to fit the available liquidity.

Updates

Lead Judging Commences

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.