Liquidity Management

Gamma

DeFiFoundry

50,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

Users will pay whole position borrowing and funding fees for the time between settle and actual decrease of position

vinica_boy

Summary

Although a settle operation is performed before each withdrawal—intended to settle fees and subtract them from the position’s collateral rather than the withdrawn amount—users will still incur funding fees between the moment of settlement and the actual execution of their decrease operation.

Vulnerability Details

At timepoint T1, user intiates a withdrawal which also creates a minimal decrease order to settle the position fees.
At timepoint T2, this decrease order is executed by GMX keeper.
At timepoint T3, Gamma keeper runs next action which will create another decrease order.
At timepoint T4, GMX keeper will execute the order.

All accrued fees for the time period between T2 and T4 will be subtracted from the decrease order amount out which results in a single user paying for the whole position fees.

This behavior of subtracting from the output amount can be seen in GMX code at the following place:
DecreasePositionCollateralUtils::processCollateral(): https://github.com/gmx-io/gmx-synthetics/blob/b8fb11349eb59ae48a1834c239669d4ad63a38b5/contracts/position/DecreasePositionCollateralUtils.sol#L54-L519

processCollateral() internally uses payForCost() which always subtract fees from the output amount first if possible.

if (values.output.outputAmount > 0) {

if (values.output.outputAmount > remainingCostInOutputToken) {

result.amountPaidInCollateralToken += remainingCostInOutputToken;

values.output.outputAmount -= remainingCostInOutputToken;

remainingCostInOutputToken = 0;

} else {

result.amountPaidInCollateralToken += values.output.outputAmount;

remainingCostInOutputToken -= values.output.outputAmount;

values.output.outputAmount = 0;

}

Impact

Single user paying the fees accrued for the whole position for a certain period of time. In case we have a small decrease in a huge position it can even result in no output amount for the user.

Tools Used

Manual review.

Recommendations

Consider taking in to account the accrued funding and borrowing fees when user withdraw.

Updates

Lead Judging Commences

n0kto Lead Judge 9 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Assigned finding tags:

Informational or Gas

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.

Prize pool breakdown

Total prize

50,000 USDC

nSLOC

1,910

26 USDC / LOC

High Medium

47,500

Low

2,500

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!