Liquidity Management

Gamma

DeFiFoundry

50,000 USDC

View results

Previous Next

Submission Details

Severity: low

Valid

Incorrect Price Validation for Long Token

kwakudr

Summary

The Incorrect Price Validation for Long Token issue occurs because the long token's price is validated against the index token's price range instead of its own.

Vulnerability Details

function _validatePrice(...) internal view {

// ...

_check(marketData.longToken, prices.indexTokenPrice.min); // Wrong price field

_check(marketData.longToken, prices.indexTokenPrice.max); // Wrong price field

// ...

}

In the _validatePrice function, the long token is checked against the index token's price range. The MarketPrices struct (from ./libraries/StructData.sol) has separate fields for each token's price range

struct MarketPrices {

TokenPrice indexTokenPrice;

TokenPrice longTokenPrice; // Correct field for long token

TokenPrice shortTokenPrice;

}

struct TokenPrice {

uint256 min;

uint256 max;

}

The long token should be validated against its own price range (prices.longTokenPrice), not the index token's

Impact

Validation fails unnecessarily because the long token is compared to the index token's range, even though its price is valid

Tools Used

Foundry

Recommendations

// Before (incorrect):

_check(marketData.longToken, prices.indexTokenPrice.min);

_check(marketData.longToken, prices.indexTokenPrice.max);

// After (correct):

_check(marketData.longToken, prices.longTokenPrice.min);

_check(marketData.longToken, prices.longTokenPrice.max);

Updates

Lead Judging Commences

n0kto Lead Judge 5 months ago

Submission Judgement Published

Validated

Assigned finding tags:

finding_validatePrice_no_check_for_longTokenPrice

Likelihood: None/Very Low, everytime the keeper send a price via run/runNextAction (sent by the Gamma keeper). Impact: Medium/High, does not check the longTokenPrice, it could go out of range. Keep in mind indexToken == longToken, an error from the keeper could be considered informational.

Prize pool breakdown

Total prize

50,000 USDC

nSLOC

1,910

26 USDC / LOC

High Medium

47,500

Low

2,500

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.