sherlock-audit / 2023-12-flatmoney-judging


0xLogos - Wrong price used to update updateGlobalPositionData in liquidate #278

Closed sherlock-admin2 closed 5 months ago

sherlock-admin2 commented 5 months ago

0xLogos

high

Wrong price used to update updateGlobalPositionData in liquidate

Summary

In LiquidationModule::liquidate, when updating global position data, position.lastPrice is used instead of currentPrice.

Vulnerability Detail

In FlatcoinVault::updateGlobalPositionData there's a comment "The current price of the underlying asset" for the _price parameter. But liquidate uses the stale position.price as the parameter:

vault.updateGlobalPositionData({
    price: position.lastPrice,
    marginDelta: -(int256(position.marginDeposited) + positionSummary.accruedFunding),
    additionalSizeDelta: -int256(position.additionalSize)
});

position.price is the price of the asset at the time of the last open/adjustment and can be very different from the current price.

Impact

An incorrect price is used for _globalPositions and for calculating stableCollateralTotal in FlatcoinVault, which are critical values for the protocol.

Code Snippet

https://github.com/sherlock-audit/2023-12-flatmoney/blob/bba4f077a64f43fbd565f8983388d0e985cb85db/flatcoin-v1/src/LiquidationModule.sol#L160

Tool used

Manual Review

Recommendation

Use currentPrice instead

Duplicate of #188

sherlock-admin commented 5 months ago

1 comment(s) were left on this issue during the judging contest.

takarez commented:

valid: high(1)

sherlock-admin commented 4 months ago

The protocol team fixed this issue in PR/commit https://github.com/dhedge/flatcoin-v1/pull/264.