Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: high
Invalid

Inadequate Bounds and Change Controls for Liquidity Buffer Parameter

saneryee

Summary

The setParameter function in the LendingPool contract allows the owner to modify the liquidity buffer ratio without proper minimum bounds or rate-of-change restrictions. This creates significant risks around protocol solvency and potential market manipulation.

Vulnerability Details

function setParameter(OwnerParameter param, uint256 newValue) external override onlyOwner {
// ... other cases ...
else if (param == OwnerParameter.LiquidityBufferRatio) {
require(newValue <= 100_00, "Ratio cannot exceed 100%"); // Only checks upper bound
uint256 oldValue = liquidityBufferRatio;
liquidityBufferRatio = newValue;
emit LiquidityBufferRatioUpdated(oldValue, newValue);
}
// ... other cases ...
}

The vulnerability exists in the OwnerParameter.LiquidityBufferRatio case of the setParameter function. The implementation only validates that the new value doesn't exceed 100% (100\_00 in fixed-point notation) but lacks several critical safety checks:

  1. No minimum bound validation:

    //@audit Current implementation only checks upper bound
    require(newValue <= 100_00, "Ratio cannot exceed 100%");

  2. No restriction on the magnitude of change in a single update:

    //@audit Can change from 80% to 0% in one transaction
    liquidityBufferRatio = newValue;

  3. No time-based controls between updates.

Impact

The absence of these controls creates several serious risks:

  1. Protocol Solvency Risk:

    • Setting a very low (0%) buffer leaves no reserves for handling withdrawal spikes

    • During high withdrawal demand, transactions could fail due to insufficient liquidity

    • Increases risk of temporary protocol insolvency

  2. Market Manipulation Risk:

    • Sudden large changes in the buffer ratio could create arbitrage opportunities

    • Malicious actors could front-run parameter changes

    • Potential for triggering bank-run scenarios if users lose confidence in the protocol's stability

Tools Used

Manual

Recommendations

  1. Implement Minimum Bounds:

    require(newValue >= 5_00 && newValue <= 100_00,
    "Ratio must be between 5% and 100%");

  2. Add Rate-of-Change Limits:

    require(newValue <= liquidityBufferRatio + 5_00 &&
    newValue >= liquidityBufferRatio - 5_00,
    "Max change of 5% per update");

  3. Time-Based Controls:

    // Add state variable
    uint256 public lastBufferUpdateTime;
    // Add time check in setParameter
    require(block.timestamp >= lastBufferUpdateTime + 1 days,
    "Must wait 24h between updates");
    lastBufferUpdateTime = block.timestamp;
Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

saneryee Submitter
7 months ago
inallhonesty Lead Judge
7 months ago
inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!