GiuseppeDeLaZara - `LeverageExecutor` is not working inside `BBLeverage` and `SGLeverage`

[sherlock-admin3]

GiuseppeDeLaZara

high

LeverageExecutor is not working inside BBLeverage and SGLeverage

Summary

The buyCollateral and sellCollateral functions inside the BBLeverage and SGLeverage contracts are non-functional as there is no implementation of getCollateral and getAsset in the current LeverageExecutor interface.

Vulnerability Detail

BBLeverage::buyCollateral and SGLeverage::buyCollateral are calling LeverageExecutor::getCollateral.

BBLeverage::sellCollateral and SGLeverage::buyCollateral are calling LeverageExecutor::getAsset.

However, these functions have completely different interfaces inside all the implementations of BaseLeverageExecutor, e.g. AssetToSGLPLeverageExecutor, AssetTotsDaiLeverageExecutor, SimpleLeverageExecutor.

It seems in the previous versions of Tapioca leverageExecutor had the interface that is now expected by BBLeverage and SGLeverage. This was probably introduced during the migration to new leverageExecutor.

Neverthless, the current buyCollateral and sellCollateral functions are non-functional as there is no implementation of getCollateral and getAsset in the current LeverageExecutor interface.

Impact

The buyCollateral and sellCollateral function inside the BBLeverage and SGLeverage contracts are non-functional as there is no implementation of getCollateral and getAsset in the current LeverageExecutor interface. As this is a core functionality of the leverage contracts, it is a high-severity issue.

Code Snippet

• https://github.com/sherlock-audit/2024-02-tapioca/blob/dc2464f420927409a67763de6ec60fe5c028ab0e/Tapioca-bar/contracts/markets/bigBang/BBLeverage.sol#L144
• https://github.com/sherlock-audit/2024-02-tapioca/blob/dc2464f420927409a67763de6ec60fe5c028ab0e/Tapioca-bar/contracts/markets/singularity/SGLLeverage.sol#L129
• https://github.com/sherlock-audit/2024-02-tapioca/blob/dc2464f420927409a67763de6ec60fe5c028ab0e/Tapioca-bar/contracts/markets/singularity/SGLLeverage.sol#L77
• https://github.com/sherlock-audit/2024-02-tapioca/blob/dc2464f420927409a67763de6ec60fe5c028ab0e/Tapioca-bar/contracts/markets/bigBang/BBLeverage.sol#L93

Tool used

Manual Review

Recommendation

Change the logic inside the BBLeverage and SGLeverage contracts to use the correct interface of LeverageExecutor for getAsset and getCollateral functions, and pass the correct arguments to these functions.

Duplicate of #115

[sherlock-admin3]

1 comment(s) were left on this issue during the judging contest.

WangAudit commented:

BaseLeverageExecutor doesn't inherit ILeverageExecutor. If we look at Market.sol (this is where we declare leverageExecutor) it's ILeverageExecutor type. And this interface indeed has assetId as an input parameter -> BaseLeverageExecutor will not be called here cause BaseLeverageExecutor doesn't inherit ILeverageExecutor