DeFiFoundry
50,000 USDC
Submission Details
Severity: low
Invalid

Lack of Slippage Control in `withdraw()` Affects Users When Withdrawing Collateral

Summary

In PerpetualVault.sol, the withdraw() function lacks a slippage factor. Due to this, users may be affected if there is excessive market volatility.

Vulnerability Details

```solidity
function withdraw(address recipient, uint256 depositId) public payable nonReentrant {}
```

The above withdraw() function lacks a slippage factor, which can lead to unexpected losses for users.

PoC

  1. Suppose a user expects to receive x amount when creating a withdrawal request.

  2. However, due to extreme market volatility, the user may receive less than their expected x amount of collateral.

  3. As a result, users will be negatively impacted.

Impact

Users may suffer losses when withdrawing their collateral due to the lack of a slippage control mechanism in withdraw().

Tools Used

Manual Review

Recommendations

Implement a mechanism that allows users to prevent withdrawal if the slippage exceeds an acceptable threshold.

Updates

Lead Judging Commences

n0kto Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Suppositions

There is no real proof, concrete root cause, specific impact, or enough details in those submissions. Examples include: "It could happen" without specifying when, "If this impossible case happens," "Unexpected behavior," etc. Make a Proof of Concept (PoC) using external functions and realistic parameters. Do not test only the internal function where you think you found something.

invalid_gmx_increase/decrease_no_slippage

acceptablePrice does that job for increase/decrease positions. https://github.com/gmx-io/gmx-synthetics/blob/caf3dd8b51ad9ad27b0a399f668e3016fd2c14df/contracts/order/BaseOrderUtils.sol#L276C49-L276C66
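The kind of bound the judge refers to, as an added example that is not part of the submission, the judge's comment, PerpetualVault.sol or gmx-synthetics: a simplified Solidity model of a direction-aware acceptable-price check that reverts instead of filling at a worse price. The library name, function names, error names and the basis-point tolerance are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration: simplified model, not code from PerpetualVault.sol or gmx-synthetics.
/// All names in this library are hypothetical.
library AcceptablePriceSketch {
    uint256 internal constant BPS = 10_000;

    error PriceNotAcceptable(uint256 executionPrice, uint256 acceptablePrice);
    error SlippageTooHigh(uint256 slippageBps);

    /// Long increase and short decrease need a price ceiling;
    /// long decrease and short increase need a price floor.
    function wantsCeiling(bool isLong, bool isIncrease) internal pure returns (bool) {
        return isLong == isIncrease;
    }

    /// Derive the bound from a reference price and a tolerance in basis points.
    function boundFor(
        uint256 referencePrice,
        uint256 slippageBps,
        bool isLong,
        bool isIncrease
    ) internal pure returns (uint256) {
        // A tolerance of 100% or more would make the floor zero, i.e. no protection.
        if (slippageBps >= BPS) revert SlippageTooHigh(slippageBps);
        return wantsCeiling(isLong, isIncrease)
            ? (referencePrice * (BPS + slippageBps)) / BPS
            : (referencePrice * (BPS - slippageBps)) / BPS;
    }

    /// Revert rather than execute when the execution price is past the bound.
    function check(
        uint256 executionPrice,
        uint256 acceptablePrice,
        bool isLong,
        bool isIncrease
    ) internal pure {
        bool ok = wantsCeiling(isLong, isIncrease)
            ? executionPrice <= acceptablePrice
            : executionPrice >= acceptablePrice;
        if (!ok) revert PriceNotAcceptable(executionPrice, acceptablePrice);
    }
}
```

With a reference price of 2,000 and a 50 bps tolerance, closing a long yields a floor of 1,990, so an execution price of 1,985 reverts while 1,995 passes.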
