Extreme Slippage Causing Negative Subtraction and Transaction Reversion
Details:
Under extreme slippage or adverse execution conditions, the protocol calculates the increase in tokens by subtracting the sum of the fee, the price impact in collateral, and a constant (1) from the deposited amount. In cases where the market moves drastically, even a seemingly sufficient deposit (e.g., $1000) can result in a computed value that is negative. When this subtraction (amount - (feeAmount + priceImpactInCollateral + 1)) yields a negative result, the transaction reverts. This revert mechanism is intentional to protect the protocol and the user from proceeding with an erroneous state.
Root Cause:
The calculation does not accommodate scenarios where extreme adverse market conditions cause the subtraction to exceed the deposited amount. There is no explicit handling to cap or manage negative outcomes other than triggering a revert. The use of subtraction without ensuring that the result remains non-negative is the underlying issue.
Impact:
User Experience: Transactions may unexpectedly revert during periods of high market volatility, potentially leading to a denial-of-service effect for users trying to execute orders under adverse conditions.
Operational Concerns: While the reversion protects the protocol from entering an erroneous state, it can result in frustration and loss of opportunity for users during extreme market conditions.
Risk Mitigation: The revert behavior itself is protective, ensuring that no invalid state or unintended token issuance occurs.
Recommendation:
Graceful Handling: Introduce explicit checks to ensure that the subtraction does not result in a negative value. If the computed value would be negative, consider capping the output at zero or providing a clear error message that explains the extreme market conditions causing the revert.
User Communication: Document and communicate this behavior clearly so that users are aware that under extreme slippage conditions, transactions may revert, and explain the rationale behind it.
Alternate Flow: Evaluate if an alternative execution path (e.g., partial execution, user confirmation, or additional safety parameters) can be implemented to handle such scenarios without a complete transaction revert.
Proof of Concept:
Consider a scenario where:
amount= 1000feeAmount= 50priceImpactInCollateral= 960
The calculation would be:
Since Solidity arithmetic does not allow negative unsigned integers, the operation reverts, thereby preventing further execution. This confirms that under extreme conditions, the subtraction logic causes a revert, which is by design but could affect user experience.
Lead Judging Commences
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Suppositions
There is no real proof, concrete root cause, specific impact, or enough details in those submissions. Examples include: "It could happen" without specifying when, "If this impossible case happens," "Unexpected behavior," etc. Make a Proof of Concept (PoC) using external functions and realistic parameters. Do not test only the internal function where you think you found something.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.