Inconsistent Liquidity Updates in AMM Swap Function
Summary
The _ammSwap function within the smart contract selectively updates the internal AMM liquidity state based only on a decrease in calculated liquidity compared to the current effective liquidity. This conditional update can result in the smart contract operating with outdated liquidity information, which might not reflect true market conditions if the liquidity has increased or remained the same.
Vulnerability Detail
The smart contract uses the _calculateAMMLiquidity function to compute the new liquidity state, which it then compares to the stored _effectiveAMMLiquidity. The current implementation updates the stored liquidity state only if the newly computed liquidity is less than the existing effective liquidity. This approach fails to account for scenarios where the new liquidity is greater than or equal to the current effective liquidity, potentially leading to decisions made on stale data.
Impact
Neglecting to update the liquidity state when it has increased or remained constant can lead to several issues:
The AMM might not utilize its full trading capacity, leading to less optimal trading conditions and potentially less favorable prices for users.
Continuously operating with outdated liquidity data can increase the risk of errors and discrepancies in the AMM's functioning, potentially leading to financial losses for users and the platform.
Adjust the conditional logic to update the effective liquidity every time new liquidity is calculated, regardless of whether it is higher, lower, or the same as the current effective liquidity. This ensures that the AMM always operates with the most accurate liquidity information.
0xrobsol
medium
Inconsistent Liquidity Updates in AMM Swap Function
Summary
The _ammSwap function within the smart contract selectively updates the internal AMM liquidity state based only on a decrease in calculated liquidity compared to the current effective liquidity. This conditional update can result in the smart contract operating with outdated liquidity information, which might not reflect true market conditions if the liquidity has increased or remained the same.
Vulnerability Detail
The smart contract uses the _calculateAMMLiquidity function to compute the new liquidity state, which it then compares to the stored _effectiveAMMLiquidity. The current implementation updates the stored liquidity state only if the newly computed liquidity is less than the existing effective liquidity. This approach fails to account for scenarios where the new liquidity is greater than or equal to the current effective liquidity, potentially leading to decisions made on stale data.
Impact
Neglecting to update the liquidity state when it has increased or remained constant can lead to several issues:
Code Snippet
https://github.com/sherlock-audit/2024-03-arrakis/blob/main/valantis-hot/src/HOT.sol#L844-L849
Tool used
Manual Review
Recommendation
Adjust the conditional logic to update the effective liquidity every time new liquidity is calculated, regardless of whether it is higher, lower, or the same as the current effective liquidity. This ensures that the AMM always operates with the most accurate liquidity information.