The PerpetualVault contract does not reset the nextAction variable after an order cancellation, which can lead to unintended actions by the keeper. This violates the protocol's invariant that nextAction should be empty after all actions are completed, as outlined in the README.
In the afterOrderCancellation function, the contract deletes flowData and flow for certain flows but does not explicitly reset nextAction. Consequently, nextAction remains in its previous state, which could include outdated or incorrect actions (e.g., INCREASE_ACTION or SWAP_ACTION). This allows the keeper to potentially execute these actions even after the flow has been canceled, disrupting the protocol's state.
Unintended Keeper Actions: The keeper may perform actions based on stale nextAction data, leading to incorrect position management, fund misallocation, or disrupted flows.
Protocol State Inconsistency: Retaining nextAction after cancellation violates the README's invariant, potentially causing cascading errors in subsequent operations.
User Financial Risk: Incorrect actions could lead to financial losses or improper handling of user deposits and positions.
Manual code review and analysis.
Modify the afterOrderCancellation function to explicitly reset nextAction when a flow is canceled, ensuring alignment with the protocol's invariants.
If retaining nextAction is necessary in specific cases, document this behavior clearly in both the code and the README to prevent confusion and ensure safe operation.
Normal behavior, the keeper will retry to increase the position. That’s why there is this condition in `_createIncreasePosition`:
```
if (flow == FLOW.DEPOSIT) {
  amountIn = depositInfo[counter].amount;
  flowData = vaultReader.getPositionSizeInTokens(curPositionKey);
} else {
  amountIn = collateralToken.balanceOf(address(this));
}
```
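An added example, not the PerpetualVault source: a simplified Solidity model of the state discussed in the report and the reply above, showing when a retained `nextAction` is a retry and when it breaks the README invariant. The contract name `VaultFlowModel`, the `setState` helper, the `clearNextAction` flag, `invariantHolds`, and the enum members `NONE`, `SIGNAL_CHANGE` and `NO_ACTION` are assumptions made for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Simplified model written for this example; not the project's code.
// Enum members other than DEPOSIT, INCREASE_ACTION and SWAP_ACTION are assumed names.
contract VaultFlowModel {
    enum FLOW { NONE, DEPOSIT, SIGNAL_CHANGE }
    enum NextActionSelector { NO_ACTION, INCREASE_ACTION, SWAP_ACTION }

    struct Action {
        NextActionSelector selector;
        bytes data;
    }

    FLOW public flow;
    uint256 public flowData;
    Action public nextAction;

    // Test helper: place the model in a mid-flow state before a cancellation.
    function setState(FLOW f, uint256 data, NextActionSelector sel) external {
        flow = f;
        flowData = data;
        nextAction.selector = sel;
        delete nextAction.data;
    }

    // Modelled cancellation callback. `clearNextAction` toggles the reset
    // that the report recommends.
    function afterOrderCancellation(bool clearNextAction) external {
        if (flow == FLOW.DEPOSIT) {
            // Flow stays open; nextAction is kept so the keeper can retry.
            return;
        }
        // Flow is abandoned: the flow markers are cleared.
        delete flowData;
        delete flow;
        if (clearNextAction) {
            delete nextAction;
        }
    }

    // Invariant as the report quotes it from the README:
    // once no flow is active, no action may remain queued.
    function invariantHolds() external view returns (bool) {
        return flow != FLOW.NONE || nextAction.selector == NextActionSelector.NO_ACTION;
    }
}
```

In this model, `setState(FLOW.SIGNAL_CHANGE, 1, NextActionSelector.SWAP_ACTION)` followed by `afterOrderCancellation(false)` makes `invariantHolds()` return `false`, while passing `true` restores it. A cancelled `DEPOSIT` keeps the invariant either way because the flow is still open, which is the retry case the reply describes.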