Closed github-actions[bot] closed 1 year ago
spotSwapper
is set as part of contract setup during deployment process here: https://github.com/sherlock-audit/2023-01-uxd/blob/334b38b582d794c76a2062e672804d99fc24675c/scripts/optimism/2_deploy_perp_depository.ts#L85This is the script used to deploy PerpDepository
, thus, there is no chance this is not initialized.
Considering this issue as informational based on Sponsor comments
R2
high
Rebalancing issues
Summary
Rebalancing is a crucial part of the protocol. But there are some issues with it:
Vulnerability Detail
PerpDepository.spotSwapper
not setImpact
Unbalanced circulation of UXD may lead to overinflation or opposite result. Both ways are bad for the protocol.
Code Snippet
https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/integrations/perp/PerpDepository.sol#L158
https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/integrations/perp/PerpDepository.sol#L507
Tool used
Manual Review
Recommendation
spotSwapper
is a critical variable, save it in the contract constructor