DeFiFoundry
50,000 USDC
Submission Details
Severity: low
Invalid

getUserDeposits function breaks after some time.

Summary

The getUserDeposits function breaks after 255 deposits due to uint8 overflow.

Vulnerability Details

If a user ever makes more than 255 deposits, `getUserDeposits` becomes unusable for that user permanently: nothing in the code ever decreases or deletes `userDeposits[user]` (not even `withdraw`), and the loop counter is a `uint8` incremented inside an `unchecked` block, so once the set holds a 256th entry the counter wraps from 255 back to 0, the loop never terminates, and the call exhausts its gas. For a frequent user, a bot/agent, or another smart contract that deposits on behalf of its users, the function will therefore revert every single time after a certain period (even a day for bots/agents).

https://github.com/CodeHawks-Contests/2025-02-gamma/blob/main/contracts/PerpetualVault.sol#L643-L652

    /**
     * @notice
     * get all deposit ids of a user
     * @param user address of a user
     */
    function getUserDeposits(address user) external view returns (uint256[] memory depositIds) {
        uint256 length = EnumerableSet.length(userDeposits[user]);
        depositIds = new uint256[](length);
        for (uint8 i = 0; i < length; ) {
            depositIds[i] = EnumerableSet.at(userDeposits[user], i);
            unchecked {
                i = i + 1;
            }
        }
    }

Impact

`getUserDeposits` becomes unusable for any user who accumulates more than 255 deposits. Any other contract that builds its own logic on calling this function will also break once its deposits reach that count.

Tools Used

Manual review

Recommendations

Change the loop counter from `uint8` to `uint256`: `for (uint256 i = 0; i < length; )`.
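A Foundry test, added here as an example and not part of the original submission or the project's code, that reproduces the wrap-around on a hypothetical `DepositTracker` contract carrying the same loop as `getUserDeposits`, next to the recommended `uint256` version. It assumes forge-std and OpenZeppelin's `EnumerableSet` are installed in the project.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";
import {EnumerableSet} from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";

// Hypothetical stand-in for the vault's deposit bookkeeping; not the project's contract.
contract DepositTracker {
    using EnumerableSet for EnumerableSet.UintSet;
    mapping(address => EnumerableSet.UintSet) internal userDeposits;
    // Entries are only ever added, never removed (the finding notes withdraw does not remove them).
    function recordDeposit(address user, uint256 depositId) external {
        userDeposits[user].add(depositId);
    }
    // Same loop as the finding: uint8 counter with unchecked increment; at i == 255 it wraps to 0 and never ends.
    function getUserDepositsVulnerable(address user) external view returns (uint256[] memory depositIds) {
        uint256 length = userDeposits[user].length();
        depositIds = new uint256[](length);
        for (uint8 i = 0; i < length; ) {
            depositIds[i] = userDeposits[user].at(i);
            unchecked { i = i + 1; }
        }
    }

    // Recommended fix: a uint256 counter cannot wrap for any set size the chain can hold.
    function getUserDepositsFixed(address user) external view returns (uint256[] memory depositIds) {
        uint256 length = userDeposits[user].length();
        depositIds = new uint256[](length);
        for (uint256 i = 0; i < length; ) {
            depositIds[i] = userDeposits[user].at(i);
            unchecked { i = i + 1; }
        }
    }
}

contract Uint8LoopTest is Test {
    DepositTracker tracker;
    address user = address(0xBEEF);

    function setUp() public {
        tracker = new DepositTracker();
        for (uint256 id = 1; id <= 256; id++) tracker.recordDeposit(user, id); // 256 deposits: length > 255
    }

    function test_VulnerableLoopRunsOutOfGas() public {
        // Gas is capped so the infinite loop ends in an out-of-gas revert rather than hanging the test.
        (bool ok,) = address(tracker).staticcall{gas: 2_000_000}(abi.encodeCall(tracker.getUserDepositsVulnerable, (user)));
        assertFalse(ok);
        assertEq(tracker.getUserDepositsFixed(user).length, 256);
    }
}
```

With 255 recorded deposits both functions succeed; the 256th entry is the first that makes the vulnerable loop spin until gas is exhausted.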

Updates

Lead Judging Commences

n0kto Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational or Gas

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
