netAssetDeposits doesn't represent the real amount of assets deposited into the Perpetual vault
Summary
netAssetDeposits supposed to represent the amount of assets that are deposited to the Perpetual vault in the PerpDepository.sol contract, but it doesn't since there are places where the depository is depositing assets without updating the netAssetDeposits state variable.
Vulnerability Detail
The state variable netAssetDeposits is being updated only on the _depositAsset and _withdrawAsset functions.
But, there are other scenarios which assets are being deposited to the Perpetual vault and the contract doesn't update the netAssetDeposits state variable.
Some examples:
Deposits
1) _processQuoteMint - deposits funds without increasing the netAssetDeposits variable.
2) _rebalanceNegativePnlWithSwap - deposits funds without increasing the netAssetDeposits variable.
3) _rebalanceNegativePnlLite - deposits funds without increasing the netAssetDeposits variable.
4) depositInsurance - deposits funds without increasing the netAssetDeposits variable.
Withdrawls
5) withdrawInsurance - withdraws funds without decreasing the netAssetDeposits variable.
6) _rebalanceNegativePnlWithSwap - withdraws funds without decreasing the netAssetDeposits variable.
Impact
The netAssetDeposits variable doesn't represent the real deposited assets into the vaults.
JohnnyTime
medium
netAssetDepositsdoesn't represent the real amount of assets deposited into the Perpetual vaultSummary
netAssetDepositssupposed to represent the amount of assets that are deposited to the Perpetual vault in thePerpDepository.solcontract, but it doesn't since there are places where the depository is depositing assets without updating the netAssetDeposits state variable.Vulnerability Detail
The state variable
netAssetDepositsis being updated only on the_depositAssetand_withdrawAssetfunctions. But, there are other scenarios which assets are being deposited to the Perpetual vault and the contract doesn't update thenetAssetDepositsstate variable.Some examples: Deposits 1)
_processQuoteMint- deposits funds without increasing thenetAssetDepositsvariable. 2)_rebalanceNegativePnlWithSwap- deposits funds without increasing thenetAssetDepositsvariable. 3)_rebalanceNegativePnlLite- deposits funds without increasing thenetAssetDepositsvariable. 4)depositInsurance- deposits funds without increasing thenetAssetDepositsvariable. Withdrawls 5)withdrawInsurance- withdraws funds without decreasing thenetAssetDepositsvariable. 6)_rebalanceNegativePnlWithSwap- withdraws funds without decreasing thenetAssetDepositsvariable.Impact
The
netAssetDepositsvariable doesn't represent the real deposited assets into the vaults.Code Snippet
https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/integrations/perp/PerpDepository.sol#L394-L397 https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/integrations/perp/PerpDepository.sol#L524-L527 https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/integrations/perp/PerpDepository.sol#L498-L506 https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/integrations/perp/PerpDepository.sol#L627-L630 https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/integrations/perp/PerpDepository.sol#L638-L641 https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/integrations/perp/PerpDepository.sol#L199-L201 https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/integrations/perp/PerpDepository.sol#L219-L222
Tool used
Manual Review
Recommendation
Update the
netAssetDepositsanytime fund are being deposited / withdrawn from the vaults.Duplicate of #178