Liquidity Management

Gamma

DeFiFoundry

50,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

precision loss in the getPriceImpactInCollateral function:

mibrobuba

Summary

Precision loss in VaultReader.sol due to the use of fixed-point arithmetic and division operations in calculations. Improper handling of these scaling factors or division operations can lead to rounding errors, which compound over time and result in incorrect calculations.

Vulnerability Details

Division in expectedSizeInTokensDelta

uint256 expectedSizeInTokensDelta = sizeDeltaInUsd / prices.indexTokenPrice.min;

If prices.indexTokenPrice.min is large, the division will truncate the result, leading to a loss of precision.
For example, if sizeDeltaInUsd = 100 and prices.indexTokenPrice.min = 3, the result will be 33 instead of 33.333....

Multiplication and Division in priceImpactInCollateralTokens

int256 priceImpactInCollateralTokens = priceImpactInTokens * prices.indexTokenPrice.min.toInt256() / prices.shortTokenPrice.min.toInt256();

If priceImpactInTokens is small and prices.shortTokenPrice.min is large, the division will truncate the result, leading to precision loss.
For example, if priceImpactInTokens = 1, prices.indexTokenPrice.min = 1000, and prices.shortTokenPrice.min = 3, the result will be 333 instead of 333.333....

Impact

Precision loss can lead to incorrect calculations of the price impact in collateral tokens.
Liquidity providers may suffer losses if the price impact is underestimated or overestimated.
Precision loss can erode user trust in the system.

Tools Used

Manual code review

Recommendations

Increase the precision scaling factor ( 1e36 instead of 1e30) to reduce the impact of rounding errors.
Perform division operations as late as possible in calculations to minimize precision loss.
Implement rounding functions to ensure that results are rounded appropriately (e.g., rounding up or down based on the context).

Updates

Lead Judging Commences

n0kto Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Assigned finding tags:

invalid_prices_decimals

GMX github documentation: “Prices stored within the Oracle contract represent the price of one unit of the token using a value with 30 decimals of precision. Representing the prices in this way allows for conversions between token amounts and fiat values to be simplified, e.g. to calculate the fiat value of a given number of tokens the calculation would just be: token amount * oracle price, to calculate the token amount for a fiat value it would be: fiat value / oracle price.” Sponsor confirmed the keeper does the same, so price decimals change in function of the token, to be sure the above rule is true. Example for USDC (6 decimals): Prices will have 24 decimals → 1e6 * 1e24 = 1e30. Just a reminder for some submissions: shortToken == collateralTokens, so the decimals is 1e24 for shortToken prices.

Prize pool breakdown

Total prize

50,000 USDC

nSLOC

1,910

26 USDC / LOC

High Medium

47,500

Low

2,500

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.