code-423n4 / 2024-06-panoptic-findings


Inaccurate Collateral Calculation in _computeSpread Function Due to Insufficient Zero Difference Handling #9

Closed howlbot-integration[bot] closed 1 month ago

howlbot-integration[bot] commented 1 month ago

Lines of code

https://github.com/code-423n4/2024-06-panoptic/blob/main/contracts/CollateralTracker.sol#L1516

Vulnerability details

Impact

The _computeSpread function in the CollateralTracker contract calculates the required collateral for spread positions. However, there is a critical flaw: the absolute difference calculation does not handle scenarios where movedRight or movedLeft might be very close to their respective partners, potentially resulting in a zero difference. This can lead to inaccurate collateral requirements, resulting in under-collateralization and increased risk of insolvency for the protocol.

Proof of Concept

LOC

spreadRequirement = movedRight < movedPartnerRight
    ? movedPartnerRight - movedRight
    : movedRight - movedPartnerRight;

If movedRight is very close to movedPartnerRight or movedLeft is very close to movedPartnerLeft, the absolute difference calculation could result in a zero difference. This would not accurately reflect the risk and required collateral for the spread position.

Tools Used

Manual

Recommended Mitigation Steps

Add a small epsilon value to ensure that the difference is non-zero.

spreadRequirement = movedRight < movedPartnerRight
    ? movedPartnerRight - movedRight + 1 // Ensure non-zero difference
    : movedRight - movedPartnerRight + 1; // Ensure non-zero difference

Assessed type

Invalid Validation

c4-judge commented 1 month ago

Picodes marked the issue as unsatisfactory: Insufficient proof