Liquidity Management
Gamma
DeFiFoundry
50,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Lack of Input Validation in initialize() Function

secret__one

Summary

The initialize function lacks checks for minDepositAmount, maxDepositAmount, and leverage, potentially allowing invalid values that could lead to unintended protocol behavior, such as deposit failures or incorrect leverage settings.

Vulnerability Details

The initialize function allows admin to configure essential operational parameters, including minimum and maximum deposit thresholds and leverage settings, during contract setup. Although predefined limits exist for these values (e.g., minimum deposit, maximum deposit cap, and leverage ceiling), the function does not validate these inputs against those constraints.

/**
* @notice
* `collateralToken` can be ETH, WETH, BTC, LINK, UNI, USDC, USDT, DAI, FRAX.
* @param _market address of GMX market
* @param _keeper keeper address
* @param _treasury fee receiver
* @param _gmxProxy address of GMXUtils contract
* @param _minDepositAmount minimum deposit amount
* @param _maxDepositAmount maximum deposit amount
*/
function initialize(
address _market,
address _keeper,
address _treasury,
address _gmxProxy,
address _vaultReader,
uint256 _minDepositAmount,
uint256 _maxDepositAmount,
uint256 _leverage
) external initializer {
__Ownable2Step_init();
__ReentrancyGuard_init();
if (
_market == address(0) ||
_gmxProxy == address(0) ||
_keeper == address(0) ||
_vaultReader == address(0) ||
_treasury == address(0)
) {
revert Error.ZeroValue();
}
market = _market;
IGmxProxy(_gmxProxy).setPerpVault(address(this), market);
gmxProxy = IGmxProxy(_gmxProxy);
MarketProps memory marketInfo = IVaultReader(_vaultReader).getMarket(market);
indexToken = marketInfo.indexToken;
collateralToken = IERC20(marketInfo.shortToken);
keeper = _keeper;
treasury = _treasury;
vaultReader = IVaultReader(_vaultReader);
governanceFee = 500; // 5%
minDepositAmount = _minDepositAmount;
maxDepositAmount = _maxDepositAmount;
callbackGasLimit = 2_000_000;
positionIsClosed = true;
lockTime = 7 * 24 * 3600; // 1 week
leverage = _leverage;
}

Impact

If the admin accidentally sets parameters incorrectly:

  • Max deposit below min: Prevents all deposits, halting contract use.

  • Leverage set to zero: Stops position management, breaking core functionality.

  • Leverage exceeds 3x: Increases liquidation risk beyond the 3x design cap.

Overall, this vulnerability has high impact by undermining the protocol’s core operations and indirectly risking user funds. However, with a trusted admin, the likelihood is low. {Medium Severity}

Tools Used

Manual Review

Recommendations

Just add the validation for the input parameters in the initialize function like below:

function initialize(
address _market,
address _keeper,
address _treasury,
address _gmxProxy,
address _vaultReader,
uint256 _minDepositAmount,
uint256 _maxDepositAmount,
uint256 _leverage
) external initializer {
...
// Parameter validation (Audit)
require(_minDepositAmount > 0, "Min deposit amount must be greater than zero");
require(_maxDepositAmount > _minDepositAmount, "Max deposit must exceed min deposit");
require(_leverage > 0 && _leverage <= 3*BASIS_POINTS_DIVISOR, "Leverage must be between 0 and 3x");
...
}
Updates

Lead Judging Commences

n0kto Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Admin is trusted / Malicious keepers

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point. Keepers are added by the admin, there is no "malicious keeper" and if there is a problem in those keepers, that's out of scope. ReadMe and known issues states: " * System relies heavily on keeper for executing trades * Single keeper point of failure if not properly distributed * Malicious keeper could potentially front-run or delay transactions * Assume that Keeper will always have enough gas to execute transactions. There is a pay execution fee function, but the assumption should be that there's more than enough gas to cover transaction failures, retries, etc * There are two spot swap functionalies: (1) using GMX swap and (2) using Paraswap. We can assume that any swap failure will be retried until success. " " * Heavy dependency on GMX protocol functioning correctly * Owner can update GMX-related addresses * Changes in GMX protocol could impact system operations * We can assume that the GMX keeper won't misbehave, delay, or go offline. " "Issues related to GMX Keepers being DOS'd or losing functionality would be considered invalid."

n0kto Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Admin is trusted / Malicious keepers

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point. Keepers are added by the admin, there is no "malicious keeper" and if there is a problem in those keepers, that's out of scope. ReadMe and known issues states: " * System relies heavily on keeper for executing trades * Single keeper point of failure if not properly distributed * Malicious keeper could potentially front-run or delay transactions * Assume that Keeper will always have enough gas to execute transactions. There is a pay execution fee function, but the assumption should be that there's more than enough gas to cover transaction failures, retries, etc * There are two spot swap functionalies: (1) using GMX swap and (2) using Paraswap. We can assume that any swap failure will be retried until success. " " * Heavy dependency on GMX protocol functioning correctly * Owner can update GMX-related addresses * Changes in GMX protocol could impact system operations * We can assume that the GMX keeper won't misbehave, delay, or go offline. " "Issues related to GMX Keepers being DOS'd or losing functionality would be considered invalid."

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!