Summary

A protocol vulnerability exists due to the absence of a retry mechanism for failed funding fee claims in the afterOrderExecution function. When funding fee collection via claimFundingFees fails (e.g., due to transient network issues or gas limits), the protocol makes no attempt to recover these fees, resulting in permanent revenue loss. This design flaw systematically reduces protocol income over time while creating an unfair advantage for sophisticated users who monitor and exploit these failures.

Vulnerability Details

Affected Code

Root Cause Analysis

1. Single Attempt Architecture:
   The try/catch block makes only one attempt to claim funding fees. Any failure (e.g., RPC errors, temporary GMX subsystem unavailability, gas spikes) results in complete abandonment of the claim process.

2. Critical Path Without Recovery:
   Failed funding fee claims are logged as events but not queued for retries. Subsequent transactions won't automatically reprocess these missed fees.

3. Asymmetric Knowledge Exploitation:
   Observant users/monitors could detect failed claims via events and manually re-trigger fee collection for personal gain, bypassing protocol revenue sharing.

Failure Scenario

1. Normal Operation:

   • User opens/closes a position → Protocol attempts to claim funding fees via claimFundingFees().

2. Transient Failure:

   • GMX's fee collection subsystem returns a temporary error (e.g., oracle price staleness).

   • Protocol emits ClaimPositiveFundingFeeExecutionError but takes no further action.

3. Permanent Loss:

   • Unclaimed fees remain trapped in GMX contracts indefinitely.

   • Protocol loses its share of fees for that epoch permanently.

Impact

• Direct Financial Loss: Protocol-owned funding fees (a core revenue stream) are irrecoverably lost.