Open code423n4 opened 2 years ago
Good report that includes duplicates from other severity 2 and 3 issues.
"There should be a timelock after which withdraw can be called again otherwise this can be called repeatedly for small amounts" - you could just use a sybil type attack which makes a timelock not effective to defend against what you want to defend against.
Looks like some things in here should be upgraded to beyond low. Will circle back after medium and high severity issue reviews
Withdrawals can get stuck
Recommendation: If the contract does not have the balance for a particular withdrawal instance, keep that one in a pending object and try to complete the remaining ones.
Withdraw timelock missing
Recommendation: There should be a timelock after which withdraw can be called again; otherwise this can be called repeatedly for small amounts. If a user has requested a withdrawal, then he should only be able to call this function again after x timestamp.
Shares can give lower value
Consider the withdraw function at InsuranceFund.sol#L62.
If some big bad debt comes in (seizeBadDebt at MarginAccount.sol#L368), then the settlePendingObligation function, which is called from the withdraw function, will consume most of the contract balance. This will reduce the amount in balance().
Since the withdraw amount is directly proportional to balance (uint amount = balance() * _shares / totalSupply();), the same shares will give a smaller amount.
Missing Oracle price checks
Recommendation: Modify the function as below:
Input validation missing
Recommendation: Add below check
Incorrect condition can give incorrect price
The getUnderlyingTwapPrice function at Oracle.sol#L67 returns latestPrice when latestTimestamp < baseTimestamp.
Otherwise it goes to the previous rounds.
This is incorrect. This function should return latestPrice when latestTimestamp = baseTimestamp.
Recommendation: Modify the check like below
Zero address checks are missing
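Added example, not code from the Hubble repository: a Python model of a round-walking TWAP in the style the report describes for getUnderlyingTwapPrice, with the boundary case latestTimestamp == baseTimestamp exercised under both the `<` and the `<=` short-circuit. The round data, timestamps and the weighting rule for the round that straddles baseTimestamp are constructed assumptions.

```python
# Added example (not from the Hubble code base): a constructed model of a TWAP that walks
# back through Chainlink-style price rounds, so the boundary the report discusses
# (latestTimestamp == baseTimestamp) can be tested directly.

def twap(rounds, now, interval, strict_less=True):
    """Time-weighted average price over [now - interval, now].

    rounds: list of (price, timestamp) pairs, oldest first; rounds[-1] is the latest round.
    strict_less: True models the `latestTimestamp < baseTimestamp` short-circuit the report
                 flags; False models `latestTimestamp <= baseTimestamp`.
    """
    base_ts = now - interval
    idx = len(rounds) - 1
    latest_price, latest_ts = rounds[idx]
    # Short-circuit: no round fell inside the interval, so the latest price stands.
    if (latest_ts < base_ts if strict_less else latest_ts <= base_ts) or idx == 0:
        return latest_price
    prev_ts = latest_ts
    cumulative = now - prev_ts                 # time the latest price has been in force
    weighted = latest_price * cumulative
    while True:
        if idx == 0:
            # Ran out of rounds before covering the interval: average what we have.
            return weighted // cumulative
        idx -= 1
        price, ts = rounds[idx]
        if ts <= base_ts:
            # This round straddles base_ts: only count the part inside the interval.
            weighted += price * (prev_ts - base_ts)
            break
        weighted += price * (prev_ts - ts)
        cumulative += prev_ts - ts
        prev_ts = ts
    return weighted // interval


# Constructed sample rounds: (price, timestamp).
ROUNDS = [(100, 800), (110, 880), (120, 970)]


def interior_case():
    # now=1000, interval=100 -> base_ts=900. Latest round (120) held 30s, round 110 held 70s.
    return twap(ROUNDS, now=1000, interval=100)  # (120*30 + 110*70) // 100 = 113


def boundary_case(strict_less):
    # now=1070, interval=100 -> base_ts=970, exactly the latest round's timestamp.
    return twap(ROUNDS, now=1070, interval=100, strict_less=strict_less)
```

In this model both forms of the check return latestPrice at the boundary, because the straddling round contributes zero weight; any change to the real check should be validated against the actual loop with a boundary test of this shape.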