If a swap is executed at an unfavorable price, the actual reduction in debt might be smaller than the intended `amountIn`
In fulfillSwap(), the contract updates the vault’s debt when processing a swap by reducing the total debt using the following operation:
However, this assumes that all swaps correctly reduce debt, which is not always true. If a swap is executed at an unfavorable price (due to manipulated priceData or market slippage), the actual reduction in debt might be smaller than the intended amountIn. This discrepancy leads to vault debt underestimation, which can cause:
Mispriced collateralization ratios, making the vault appear healthier than it actually is.
Overestimation of the protocol’s solvency hence allowing users to withdraw funds that should be locked.
Potential insolvency in extreme cases where the protocol unknowingly allows more withdrawals than it can afford.
A similar issue arises if a swap fails after amountIn has already been deducted from the vault's debt but before the final settlement occurs, causing permanent debt inconsistency.
Impact:
Incorrect debt accounting can lead to vault insolvency, where users withdraw more than the vault can afford, putting the entire system at risk.
Mitigation:
Use realized swap settlement values (based on actual execution) instead of pre-determined amountIn values when adjusting vault debt, ensuring accurate accounting.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.