The test suite does not cover all edge cases, such as zero withdrawals, invalid tradingAccountId, or withdrawals exceeding available balance.
Summary
Untested edge cases could result in unexpected behavior or vulnerabilities.
Vulnerability Details
Issue: The test suite lacks coverage for edge cases like zero withdrawals, invalid inputs, and withdrawals exceeding available balance.
Example: Withdrawing a zero amount or using an invalid account ID could cause unexpected behavior.
Impact
Untested edge cases could lead to vulnerabilities or unexpected behavior in production.
Tools Used
Manual Code Review
Foundry/Forge
Recommendations
Add tests for edge cases, such as zero withdrawals, invalid inputs, and withdrawals exceeding available balance:
function testFuzz_WithdrawZeroAmount(uint128 tradingAccountId) external {
    // A zero-amount withdrawal is expected to revert.
    vm.expectRevert("Invalid amount");
    perpsEngine.exposed_withdrawMarginUsd(
        tradingAccountId, address(wstEth), ud60x18(1e18), ud60x18(0), users.naruto.account
    );
}
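An added example, not part of the original finding or the audited code base: Foundry tests covering all three edge cases named in the recommendation, including fuzzed account IDs and amounts. `MarginVault`, its custom errors and the sample values are hypothetical stand-ins, so the pattern would need to be adapted to the project's own harness and revert reasons.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";
// Hypothetical stand-in for the withdrawal path; not the audited contract.
contract MarginVault {
    error ZeroAmount();
    error UnknownAccount(uint128 id);
    error InsufficientMargin(uint256 requested, uint256 available);
    mapping(uint128 => address) public ownerOf;
    mapping(uint128 => uint256) public balanceOf;

    function deposit(uint128 id, uint256 amount) external {
        ownerOf[id] = msg.sender;
        balanceOf[id] += amount;
    }

    function withdraw(uint128 id, uint256 amount) external {
        if (amount == 0) revert ZeroAmount();
        if (ownerOf[id] != msg.sender) revert UnknownAccount(id);
        uint256 available = balanceOf[id];
        if (amount > available) revert InsufficientMargin(amount, available);
        balanceOf[id] = available - amount;
    }
}

contract WithdrawEdgeCasesTest is Test {
    MarginVault internal vault = new MarginVault();
    uint128 internal constant ACCOUNT = 1; // constructed sample values
    uint256 internal constant DEPOSIT = 10e18;
    function setUp() public { vault.deposit(ACCOUNT, DEPOSIT); }

    function test_RevertWhen_AmountIsZero() public {
        vm.expectRevert(MarginVault.ZeroAmount.selector);
        vault.withdraw(ACCOUNT, 0);
    }

    function testFuzz_RevertWhen_AccountIsUnknown(uint128 id, uint256 amount) public {
        vm.assume(id != ACCOUNT);
        amount = bound(amount, 1, type(uint256).max); // zero is covered above
        vm.expectRevert(abi.encodeWithSelector(MarginVault.UnknownAccount.selector, id));
        vault.withdraw(id, amount);
    }

    function testFuzz_RevertWhen_AmountExceedsBalance(uint256 amount) public {
        amount = bound(amount, DEPOSIT + 1, type(uint256).max);
        vm.expectRevert(abi.encodeWithSelector(MarginVault.InsufficientMargin.selector, amount, DEPOSIT));
        vault.withdraw(ACCOUNT, amount);
    }
}
```

Matching on the full encoded error, arguments included, makes each test fail if the call reverts for a different reason than the one under test.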