Missing gmx lock protection in perpetualvault positions
Title
Missing gmx lock protection in perpetualvault positions
Summary
The run() function in PerpetualVault lacks essential protection, allowing state corruption during GMX operations, which can break leverage consistency, cause incorrect actions, and result in fund loss.
Vulnerability Details
The run() function does not have the gmxLock modifier, unlike runNextAction(), which does. This creates a gap where run() can be called during ongoing GMX operations, causing state inconsistencies and breaking vault invariants.
The issue arises because GMX operations are asynchronous, requiring a callback. Without the lock, run() can execute again before the previous operation completes, leading to potential state corruption.
Impact
The vulnerability causes cascading failures across position managements.
Tools Used
Manual Review
Recommendations
Add the gmxLock modifier to the run() function to prevent overlapping GMX operations and maintain state consistency.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.