DeFiFoundry
50,000 USDC
Submission Details
Severity: medium
Invalid

Missing finalize Call in run Function

Summary

In the run function, the flow state (FLOW.SIGNAL_CHANGE) is set, but there is no explicit call to finalize to reset the flow state after the operation completes. This can lead to the system being left in an inconsistent state, potentially blocking further operations.

Vulnerability Details

Flow State Handling

  • The flow variable is set to FLOW.SIGNAL_CHANGE at the beginning of the run function. This signals that a state change (such as opening or closing a position) is in progress.

  • However, there is no flow to reset or finalize the flow state after the operation, which could leave the contract in a state where no further actions are allowed.

  • Meanwhile, in the normal deposit function it is being reset in the finalize function, and in the normal withdrawal function the state is being reset in the _handleReturn function:

function deposit(uint256 amount) external nonReentrant payable {
    // finalize is being called here to clean state variables
    _finalize(hex'');

function _handleReturn(uint256 withdrawn, bool positionClosed, bool refundFee) internal {
    ...
    // update global state
    delete swapProgressData;
    delete flowData;
    delete flow;
}

Meanwhile, the same handleReturn function, which executes and later cleans up all state, is being called in _runSwap from the execution of the run function when flow == FLOW.WITHDRAW:

} else if (flow == FLOW.WITHDRAW) {
    _handleReturn(outputAmount + swapProgressData.swapped, false, true);

Impact

  • Without resetting the flow state, subsequent function calls (such as other swaps or position adjustments) may be blocked due to the lingering FLOW.SIGNAL_CHANGE state. This could create a deadlock situation where future operations cannot proceed.

  • If the operation fails (e.g., swap or position creation fails), the flow state is not reset, and any collateral or position changes might remain unhandled. This leaves the contract in an inconsistent state, possibly affecting the accuracy of subsequent operations.

  • Missing finalization
    The finalize function is meant to be called at the end of an operation to clean up the flow state and reset collateral and position changes. However, it is not being invoked in the current run function, causing potential issues when multiple actions need to be executed.

Tools Used

Manual Review

Recommendations

Add a call to finalize at the end of the run function to ensure the flow state is reset and the contract is returned to a valid state after the operation. This should be done regardless of whether the operation succeeds or fails to prevent blocking future transactions.

Then call the finalize function in the deposit process, after minting shares, following the runSwap call that leads to the deposit process:

if (flow == FLOW.DEPOSIT) {
    // last `depositId` equals `counter` because another deposit is not allowed before the previous deposit is completely processed
    _mint(counter, outputAmount + swapProgressData.swapped, true, prices);
    _finalize(hex'');

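
A constructed Solidity sketch of the flow-gate pattern this submission discusses, added here as an example and not code from the DeFiFoundry repository. It contrasts a flow that is opened and cleared in one call with one that stays set until a later step clears it. FLOW.NONE, whenIdle, complete() and the error names are hypothetical, and access control is omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed illustration, not the audited contract. FLOW.NONE, whenIdle,
// complete() and the custom errors are hypothetical names.
contract FlowGateDemo {
    enum FLOW { NONE, DEPOSIT, SIGNAL_CHANGE, WITHDRAW }
    FLOW public flow; // zero value is FLOW.NONE

    error FlowInProgress(FLOW current);
    error NothingToComplete();

    // Entry points are refused while an earlier flow is still open.
    modifier whenIdle() {
        if (flow != FLOW.NONE) revert FlowInProgress(flow);
        _;
    }

    // Single-transaction flow: opened and cleared in the same call.
    function deposit(uint256 amount) external whenIdle {
        flow = FLOW.DEPOSIT;
        // A revert here undoes the write to `flow` along with all other
        // state changes of this transaction, so nothing is left set.
        require(amount > 0, "zero amount");
        _finalize();
    }

    // Opens a flow and returns with it still set. Until something clears
    // it, deposit() and run() revert with FlowInProgress.
    function run() external whenIdle {
        flow = FLOW.SIGNAL_CHANGE;
    }

    // Assumed later step that closes the flow opened by run().
    function complete() external {
        if (flow != FLOW.SIGNAL_CHANGE) revert NothingToComplete();
        _finalize();
    }

    function _finalize() internal {
        delete flow; // resets the enum to its first member, FLOW.NONE
    }
}
```

When reviewing a contract built this way, list every function that writes `flow` and confirm that each one either clears it before returning or has a reachable later step that does.
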
Updates

Lead Judging Commences

n0kto Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Appeal created

olami9783 Submitter
9 months ago
n0kto Lead Judge
8 months ago
n0kto Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
