The _recalculateConnectedMarketsState() function retrieves market IDs from an EnumerableSet.UintSet without verifying whether the index exists, leading to potential out-of-bounds access and contract reverts. Specifically, the following code assumes connectedMarkets.at(i)
will always return a valid value:
However, if connectedMarkets
is modified between iterations such as during vault updates, the stored connectedMarketsIdsCache
may become stale, causing at(i)
to revert when accessing an index that no longer exists. Since this function is used in recalculateVaultsCreditCapacity(), which updates vault credit delegation, a single market modification can lead to system-wide failures in vault recalculations.
A vault recalculation operation can unexpectedly revert, preventing critical updates to vault credit capacity and leading to blocked credit delegation operations across the protocol.
Before accessing connectedMarkets.at(i)
, explicitly check that i < connectedMarkets.length()
to prevent out-of-bounds access errors.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.