Closed code423n4 closed 2 years ago
GiveMeTestEther
According to the whitepaper the covered IL loss protection should linearly increase from 0% to 100% over 100 days, but it is set to one year (365 days)
User have less IL protection than assumed.
https://github.com/code-423n4/2021-12-vader/blob/fd2787013608438beae361ce1bb6d9ffba466c45/contracts/dex/pool/VaderPool.sol#L86
https://github.com/code-423n4/2021-12-vader/blob/fd2787013608438beae361ce1bb6d9ffba466c45/contracts/dex-v2/pool/VaderPoolV2.sol#L294
Manual Analysis
Handle
GiveMeTestEther
Vulnerability details
According to the whitepaper the covered IL loss protection should linearly increase from 0% to 100% over 100 days, but it is set to one year (365 days)
Impact
User have less IL protection than assumed.
Proof of Concept
https://github.com/code-423n4/2021-12-vader/blob/fd2787013608438beae361ce1bb6d9ffba466c45/contracts/dex/pool/VaderPool.sol#L86
https://github.com/code-423n4/2021-12-vader/blob/fd2787013608438beae361ce1bb6d9ffba466c45/contracts/dex-v2/pool/VaderPoolV2.sol#L294
Tools Used
Manual Analysis
Recommended Mitigation Steps