code-423n4 / 2021-06-tracer-findings


No support for token with fee on transfer #112

Closed code423n4 closed 3 years ago

code423n4 commented 3 years ago

Handle

s1m0

Vulnerability details

Impact

The smart contract doesn't behave correctly if deployed with a token that has fees on transfer.

Proof of Concept

When calling TracerPerpetualSwaps:deposit() or Insurance:deposit(), the rawTokenAmount is transferred and then used to calculate the amount to be credited to the user. In the case of a fee on transfer, the real amount transferred would be less than rawTokenAmount, yet the full amount is credited to the user anyway.

Recommended Mitigation Steps

If you want to support that type of token, consider checking the real transferred amount by subtracting the token.balanceOf(address(this)) before and after the transferFrom.

raymogg commented 3 years ago

Duplicate of #104
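
The mitigation recommended in the report, measuring the balance before and after `transferFrom`, is sketched below as an added example; it is not code from the Tracer repository or from the report's author. The contract name `MeasuredDeposit`, the `credited` mapping, the event, the reentrancy lock and the `^0.8.0` pragma are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal ERC-20 surface needed by this example.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical contract for illustration only; not the Tracer implementation.
contract MeasuredDeposit {
    IERC20 public immutable token;
    mapping(address => uint256) public credited;
    bool private locked;

    event Deposit(address indexed user, uint256 requested, uint256 received);

    constructor(IERC20 _token) {
        token = _token;
    }

    // A token with transfer hooks could re-enter deposit() between the two
    // balance reads and skew the measured delta, so nested calls are rejected.
    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    function deposit(uint256 rawTokenAmount) external nonReentrant returns (uint256 received) {
        uint256 balanceBefore = token.balanceOf(address(this));
        // Tokens that return no value need a safe-transfer wrapper instead.
        require(
            token.transferFrom(msg.sender, address(this), rawTokenAmount),
            "transferFrom failed"
        );
        uint256 balanceAfter = token.balanceOf(address(this));

        // Checked arithmetic in 0.8 reverts if the balance went down.
        received = balanceAfter - balanceBefore;
        require(received > 0, "nothing received");

        // Credit what actually arrived, not what was requested.
        credited[msg.sender] += received;
        emit Deposit(msg.sender, rawTokenAmount, received);
    }
}
```

A contract that does not intend to support fee-on-transfer tokens can use the same measurement and instead require `received == rawTokenAmount`, so that such a token is rejected at deposit time rather than silently over-credited.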