Oracle Manipulation Risk (Price Manipulation)
Summary
The function willPositionCollateralBeSufficient relies on prices.shortTokenPrice.min.toInt256() for collateral calculations. If an attacker can manipulate the oracle or TWAP pricing, they may artificially inflate collateral value, bypassing margin requirements.
Vulnerability Details
Impact
A trader could open positions with artificially low collateral requirements.
Attackers might manipulate prices to avoid liquidation or force wrongful liquidations.
Tools Used
Recommendations
Lead Judging Commences
Suppositions
There is no real proof, concrete root cause, specific impact, or enough details in those submissions. Examples include: "It could happen" without specifying when, "If this impossible case happens," "Unexpected behavior," etc. Make a Proof of Concept (PoC) using external functions and realistic parameters. Do not test only the internal function where you think you found something.
Suppositions
There is no real proof, concrete root cause, specific impact, or enough details in those submissions. Examples include: "It could happen" without specifying when, "If this impossible case happens," "Unexpected behavior," etc. Make a Proof of Concept (PoC) using external functions and realistic parameters. Do not test only the internal function where you think you found something.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.