Closed sherlock-admin closed 1 year ago
2 comment(s) were left on this issue during the judging contest.
141345 commented:
d
panprog commented:
invalid because context is updated in the memory and saved to storage contrary to what's described in the issue
cryptphi
high
internal _update() in Market.update() does not return updated context.
Summary
internal _update() in Market.update() does not return updated context.
Vulnerability Detail
In the Market contract, the external function update(), is meant to update the account's position and collateral by loading the account's context in memory and then updating the accoun't context positions in the internal
_update()
before saving the updated context for the account. However the_saveContext()
is only saving the the previous loaded context in memory and not the updated context. This means that while the account's position gets updated, its collateral in the local state is never updated.The _update() call in https://github.com/sherlock-audit/2023-07-perennial/blob/main/perennial-v2/packages/perennial/contracts/Market.sol#L86 should return the updated context in order for
_saveContext()
to save the new local state for the account.Impact
Loss of account's collateral
Code Snippet
_loadContext(account)
loads the account's context to memory and calls_update()
with the memory variable context as an argumentcontext is updated in
_update()
call but updates collateral for the inputed memory argument and does not store the updated values to storageTool used
Manual Review
Recommendation
_update()
function should returnContext memory context
values for _saveContext to store the new context values