Closed sherlock-admin closed 1 year ago
Message from sponsor
Disagree with this issue. The rounding is implemented as specified in the SDAM paper. Specifically, controlVariable is initialized with a floor rounding operation as described in section 4.1.2, definition 19 to ensure that the price after market creation matches the value provided by the market creator. Separately, the newControlVariable value on a tune()
is calculated with a ceiling rounding operation to ensure the new value is greater than or equal to the model value as described in section 4.2.10, definition 29. Therefore, price is greater than or equal to the model value.
xiaoming90
medium
Rounding Issue In Control Variable
Summary
The rounding error when computing the control variable causes the control variable to be lower, leading to the makers selling tokens at a lower price than expected, as the market price of a token is computed as a product of the control variable and debt.
Vulnerability Detail
The computed control variable at Line 600 is rounded up to achieve the desirable property that the integer implementation of the control variable will be greater than or equal to the real value of the control variable. This ensures that the integer implementation of the price calculated from
controlVariable * debt
will be greater than or equal to the real value of the price, which protects makers from selling tokens at a lower price than expected.https://github.com/sherlock-audit/2022-11-bond/blob/main/src/bases/BondBaseSDA.sol#L598
However, this is not consistently applied throughout the codebase. In the following code, the control variable is rounded down, which will result in the integer implementation of the control variable to be lower than the real value of the control variable. This, in turn, leads to the makers selling tokens at a lower price than expected.
https://github.com/sherlock-audit/2022-11-bond/blob/main/src/bases/BondBaseSDA.sol#L280
Impact
The market price of a token is computed as a product of the control variable and debt. If the control variable is lower than expected, the tokens will be sold at a lower price than expected, leading to a loss for the market makers.
Code Snippet
https://github.com/sherlock-audit/2022-11-bond/blob/main/src/bases/BondBaseSDA.sol#L280
https://github.com/sherlock-audit/2022-11-bond/blob/main/src/bases/BondBaseSDA.sol#L598
Tool used
Manual Review
Recommendation
Ensure that the rounding is consistently applied throughout the codebase when computing the control variable so that the desired property can be achieved.