The test suite does not cover all failure scenarios, such as invalid tradingAccountId or withdrawals exceeding available balance.
Summary
Untested failure scenarios could result in unexpected behavior or vulnerabilities.
Vulnerability Details
Issue: The test suite lacks coverage for failure scenarios like invalid inputs or insufficient balance.
Example: Withdrawals exceeding the available balance or invalid tradingAccountId could cause unexpected behavior.
Impact
Untested failure scenarios could lead to vulnerabilities or unexpected behavior in production.
Tools Used
Manual Code Review
Foundry/Forge
Recommendations
Add tests for all failure scenarios, such as invalid inputs and withdrawals exceeding the available balance. For example, a fuzz test for an invalid tradingAccountId:
function testFuzz_RevertWhen_InvalidTradingAccountId(uint128 invalidTradingAccountId) external {
    // The withdrawal must revert when the trading account id is not valid.
    vm.expectRevert("Invalid trading account");
    perpsEngine.exposed_withdrawMarginUsd(
        invalidTradingAccountId, address(wstEth), ud60x18(1e18), ud60x18(1e18), users.naruto.account
    );
}
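The two failure scenarios named in this finding, written as Foundry fuzz tests against a small constructed stand-in contract. This is an added example, not code from the report or the audited project; `MockMargin`, its errors, and the constants are hypothetical, and forge-std is assumed to be installed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Constructed stand-in for the margin logic; NOT the audited contract.
contract MockMargin {
    error AccountNotFound(uint128 id);
    error InsufficientMargin(uint256 requested, uint256 available);

    mapping(uint128 => bool) public exists;
    mapping(uint128 => uint256) public balance;

    function create(uint128 id, uint256 amount) external {
        exists[id] = true;
        balance[id] = amount;
    }

    function withdraw(uint128 id, uint256 amount) external {
        if (!exists[id]) revert AccountNotFound(id);
        if (amount > balance[id]) revert InsufficientMargin(amount, balance[id]);
        balance[id] -= amount;
    }
}

contract WithdrawFailureTest is Test {
    MockMargin internal margin;
    uint128 internal constant ACCOUNT = 1;      // the only valid id in this fixture
    uint256 internal constant DEPOSIT = 10e18;  // constructed starting balance

    function setUp() public {
        margin = new MockMargin();
        margin.create(ACCOUNT, DEPOSIT);
    }

    function testFuzz_RevertWhen_AccountDoesNotExist(uint128 id) public {
        vm.assume(id != ACCOUNT); // keep the fuzzer off the one valid id
        vm.expectRevert(abi.encodeWithSelector(MockMargin.AccountNotFound.selector, id));
        margin.withdraw(id, 1);
    }

    function testFuzz_RevertWhen_AmountExceedsBalance(uint256 amount) public {
        // Restrict the fuzzed amount to values strictly above the balance.
        amount = bound(amount, DEPOSIT + 1, type(uint256).max);
        vm.expectRevert(abi.encodeWithSelector(MockMargin.InsufficientMargin.selector, amount, DEPOSIT));
        margin.withdraw(ACCOUNT, amount);
        assertEq(margin.balance(ACCOUNT), DEPOSIT); // reverted call left state untouched
    }
}
```

Matching on the full encoded error, including its arguments, makes the test fail if the call reverts for a different reason than the one under test.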