Part 2

Zaros
Perpetuals, DEX, Foundry, Solidity
70,000 USDC
Submission Details
Severity: medium
Invalid

In LiquidationBranch.sol::liquidateAccounts() there is a lack of skew and open interest limit enforcement during liquidations

Summary

During liquidations, the protocol intentionally bypasses the enforcement of skew and open interest limits by passing false to the check function. Although the rationale is to protect against DoS attacks, this approach may allow the market's open interest and skew to reach unsafe levels under certain conditions, potentially leading to market instability and manipulation.

Vulnerability Details

In the liquidation process, the protocol executes the following code:

// we don't check skew during liquidations to protect from DoS
(ctx.newOpenInterestX18, ctx.newSkewX18) = perpMarket.checkOpenInterestLimits(ctx.liquidationSizeX18, ctx.oldPositionSizeX18, SD59x18_ZERO, false);
// update perp market's open interest and skew
perpMarket.updateOpenInterest(ctx.newOpenInterestX18, ctx.newSkewX18);

Here, the enforcement parameter is set to false, effectively disabling strict limit checks during a liquidation event. While the assumption is that open interest and skew decrease during liquidations, there is no runtime validation to ensure these values do not reach dangerous levels. Under volatile or complex market conditions—especially if multiple large positions are liquidated simultaneously—this lack of enforcement may lead to market conditions that are outside of safe operational parameters.

Impact

  • Market Instability: Without active enforcement, skew and open interest may reach levels that could destabilize the market or trigger unintended risk cascades.

  • Manipulation Risks: Attackers might exploit this gap by orchestrating liquidations that intentionally push these market parameters into unsafe ranges.

  • Risk Management Failure: The absence of proper checks undermines market safeguards, posing systemic risk during periods of high volatility or clustered liquidation events.

Tools Used

  • Manual Code Review: Analysis of the liquidation workflow identified the bypass of limit enforcement.

  • Static Analysis Tools: Automated tools highlighted that the check for skew and open interest limits is not enforced during liquidation.

  • Risk Simulation: Hypothetical scenarios indicated that mass liquidations without proper limits could misalign market parameters.

Recommendations

  • Reinstate Limit Enforcement: Implement a conditional mechanism that enforces open interest and skew limits during liquidation, even if in a modified or optimized form. For example, instead of passing false outright, consider conditionally enforcing minimum limits based on market volatility.

  • Dynamic Safeguards: Adjust the liquidation logic to incorporate dynamic checks that can scale with market conditions, ensuring that large liquidations trigger stricter validations.

  • Circuit Breakers: Introduce safety measures or circuit breakers that pause liquidations if skew or open interest exceed predefined thresholds during volatile conditions.

  • Extensive Testing: Develop rigorous simulations and integration tests to determine safe operating parameters for skew and open interest during liquidation scenarios.
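The following is an added example, not part of the submission or of the Zaros code base. It models the accounting behind the liquidation call quoted under Vulnerability Details and shows what the enforcement flag changes over a batch of liquidations: open interest can only fall, skew magnitude can rise, and an enforced check leaves some positions unliquidated. It assumes open interest is the sum of absolute position sizes, skew is the sum of signed sizes, and a liquidation closes the position to zero; Market, check_limits, run_batch, the limit rule and all numbers are hypothetical.

```python
from dataclasses import dataclass

class LimitExceeded(Exception):
    """Stands in for the revert an enforced limit check would raise."""

@dataclass
class Market:
    open_interest: int      # assumed: sum of |size| over open positions
    skew: int               # assumed: sum of signed sizes (longs minus shorts)
    max_open_interest: int
    max_skew: int

def check_limits(m, size_delta, old_size, new_size, enforce):
    """Return (new_oi, new_skew); raise only when enforce is True."""
    new_oi = m.open_interest - abs(old_size) + abs(new_size)
    new_skew = m.skew + size_delta
    if enforce:
        # Assumed rule: reject only moves that grow a value beyond its cap.
        if new_oi > m.open_interest and new_oi > m.max_open_interest:
            raise LimitExceeded("open interest")
        if abs(new_skew) > abs(m.skew) and abs(new_skew) > m.max_skew:
            raise LimitExceeded("skew")
    return new_oi, new_skew

def run_batch(positions, enforce):
    """Liquidate each position in order; return the (oi, skew) trace and blocked sizes."""
    m = Market(sum(abs(p) for p in positions), sum(positions),
               max_open_interest=1_200, max_skew=300)
    trace, blocked = [], []
    for p in positions:
        try:
            # Full close: size delta is -p, old size p, new size 0.
            m.open_interest, m.skew = check_limits(m, -p, p, 0, enforce)
        except LimitExceeded:
            blocked.append(p)   # position stays open, market state unchanged
        trace.append((m.open_interest, m.skew))
    return trace, blocked

# Constructed sample: two shorts liquidated first, then three longs (net long 250).
POSITIONS = [-250, -150, 400, 150, 100]

if __name__ == "__main__":
    for enforce in (False, True):
        trace, blocked = run_batch(POSITIONS, enforce)
        print(f"enforce={enforce} blocked={blocked}")
        for oi, skew in trace:
            print(f"  open_interest={oi:5d} skew={skew:5d}")
```

A regression test for the real contract can assert the same two properties after each liquidation: open interest never increases, and the observed skew is compared against the configured cap.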

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
