Skip to content
This repository has been archived by the owner on Jan 7, 2025. It is now read-only.

0xLogos - Wrong price used to update updateGlobalPositionData in liquidate #278

Closed
sherlock-admin2 opened this issue Feb 4, 2024 · 2 comments
Closed

0xLogos - Wrong price used to update updateGlobalPositionData in liquidate #278

sherlock-admin2 opened this issue Feb 4, 2024 · 2 comments
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed

Comments

@sherlock-admin2
Copy link
Contributor

sherlock-admin2 commented Feb 4, 2024
edited
Loading

0xLogos

high

Wrong price used to update updateGlobalPositionData in liquidate

Summary

In LiquidationModule::liquidate when updating global position data position.lastPrice is used insted of currentPrice

Vulnerability Detail

In FlatcoinVault::updateGlobalPositionData there's comment "The current price of the underlying asset" for _price parameter. But in liquidate used stale position.price as the parameter

vault.updateGlobalPositionData({
    price: position.lastPrice,
    marginDelta: -(int256(position.marginDeposited) + positionSummary.accruedFunding),
    additionalSizeDelta: -int256(position.additionalSize)
});

position.price is the price of asset in time of last open/adjustmet and can be very different from from current price

Impact

Incorrect price used for _globalPositions and calculatingstableCollateralTotal in FlatcoinVault which is critical values for protocol

Code Snippet

https://github.com/sherlock-audit/2023-12-flatmoney/blob/bba4f077a64f43fbd565f8983388d0e985cb85db/flatcoin-v1/src/LiquidationModule.sol#L160

Tool used

Manual Review

Recommendation

Use currentPrice instead

Duplicate of #188
@sherlock-admin2 sherlock-admin2 added Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed labels Feb 8, 2024
@github-actions github-actions bot added High A valid High severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Feb 11, 2024
@sherlock-admin
Copy link
Contributor

1 comment(s) were left on this issue during the judging contest.

takarez commented:

valid: high(1)

@sherlock-admin
Copy link
Contributor

The protocol team fixed this issue in PR/commit https://github.com/dhedge/flatcoin-v1/pull/264.

@sherlock-admin2 sherlock-admin2 changed the title Thankful Plum Goat - Wrong price used to update updateGlobalPositionData in liquidate 0xLogos - Wrong price used to update updateGlobalPositionData in liquidate Feb 20, 2024
@sherlock-admin2 sherlock-admin2 added the Reward A payout will be made for this issue label Feb 20, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sherlock-admin @sherlock-admin2