Incorrect Position Switching Leading to Potential Trading Lock
Summary:
In perpetualVault contract, the run() function incorrectly handles position switching when transitioning between long and short positions. If been long does not match is long , the function first closes the existing position before opening the new one. However, if an unexpected failure occurs during position closure, the function will not reach the position opening step, potentially locking trading actions for affected users.
Vulnerability Details:
The function performs a forced position close before opening a new position, but it does not account for failure cases
Impact:
If position closure fails, users cannot execute new trades, potentially causing financial losses.
Tools Used:
Manual review
Foundry/Hardhat Testing – Simulation of failure cases forcing
_createDecreasePosition()to fail
Recommendations:
Validate that _createDecreasePosition() completes before updating nextAction.
Lead Judging Commences
Suppositions
There is no real proof, concrete root cause, specific impact, or enough details in those submissions. Examples include: "It could happen" without specifying when, "If this impossible case happens," "Unexpected behavior," etc. Make a Proof of Concept (PoC) using external functions and realistic parameters. Do not test only the internal function where you think you found something.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.