The function UsdTokenSwapConfig::getPremiumDiscountFactor calculates the premium or discount factor based on a vault's debt-to-assets ratio, but it lacks an essential check to ensure that the vaultAssetsValueUsdX18 is not zero before performing a division operation. The absence of this validation can lead to a division-by-zero error, causing the contract to revert or behave unexpectedly.
The function attempts to divide vaultDebtUsdX18 by vaultAssetsValueUsdX18 in the line:
If vaultAssetsValueUsdX18 is zero, a division by zero will occur, leading to an exception or faulty calculations. This vulnerability could be exploited in cases where the vaultAssetsValueUsdX18 is improperly set to zero.
If vaultAssetsValueUsdX18 is zero, it can result in a runtime error (division by zero), potentially halting the contract's execution. This could lead to unhandled exceptions, denial of service, or incorrect calculations for vaults, potentially resulting in financial losses or system instability.
Manual code review
Add a validation check at the beginning of the function to ensure vaultAssetsValueUsdX18 is greater than zero before performing any division operations.
This would prevent the division by zero error and ensure that the calculations are only performed with valid inputs.
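One way to write the recommended guard, shown as an added example and not the audited project's code. Only the two parameter names come from the finding. The library, error and harness names are hypothetical, and the example assumes plain 18-decimal fixed-point integers with a signed debt value.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration, not the audited project's code. All names are hypothetical
/// except the two parameter names, which are taken from the finding.
library DebtRatioExample {
    // Assumption: the X18 suffix denotes 18-decimal fixed point.
    uint256 internal constant UNIT = 1e18;

    /// Named error raised in place of the generic division-by-zero panic (0x12).
    error ZeroVaultAssetsValue();

    /// Returns |vaultDebtUsdX18| / vaultAssetsValueUsdX18 as an 18-decimal value.
    function debtToAssetsRatioX18(
        uint256 vaultAssetsValueUsdX18,
        int256 vaultDebtUsdX18 // assumption: debt is signed
    ) internal pure returns (uint256 ratioX18) {
        // Validate the divisor before any arithmetic, so callers see a
        // specific error they can match on instead of an opaque panic.
        if (vaultAssetsValueUsdX18 == 0) revert ZeroVaultAssetsValue();

        // Absolute value of the debt. Negating type(int256).min reverts
        // under Solidity 0.8 checked arithmetic rather than wrapping.
        uint256 debtAbs = vaultDebtUsdX18 < 0
            ? uint256(-vaultDebtUsdX18)
            : uint256(vaultDebtUsdX18);

        // Scale up before dividing to keep 18 decimals of precision.
        // An overflow in the multiplication also reverts (checked math).
        ratioX18 = (debtAbs * UNIT) / vaultAssetsValueUsdX18;
    }
}

/// Minimal harness exposing the library function for unit tests.
contract DebtRatioHarness {
    function ratio(uint256 assets, int256 debt) external pure returns (uint256) {
        return DebtRatioExample.debtToAssetsRatioX18(assets, debt);
    }
}
```

With this guard, a call where the assets value is zero reverts with ZeroVaultAssetsValue, which a test can assert on directly.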