Incorrect Lock Time Check in Withdraw in PerpetualVault.sol
Summary
The withdraw function contains an incorrect lock time check that prevents withdrawals at the exact unlock time.
Vulnerability Details
Location
withdraw function
Issue
The condition:
incorrectly uses >=, which prevents users from withdrawing even when the lock time has precisely elapsed. This means users must wait an extra block before they can withdraw, which is not the intended behavior.
Impact
Users experience unnecessary delays in withdrawing their collateral.
Creates a poor user experience due to an unintended restriction.
Tools Used
Manual code review
Static analysis
Recommendations
Change the condition to:
This ensures that users can withdraw as soon as the lock time has fully passed, without any additional delay.
Lead Judging Commences
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.