Closed sherlock-admin2 closed 3 months ago
1 comment(s) were left on this issue during the judging contest.
_karanel commented:
borderline low. likelihood: low, impact: low/medium
Its a low, this cause code bloat which could make the contract too large and at most would only last until there is another rebalance call. Won't fix.
bughuntoor
medium
Alt ticks will not be set if
bal1 == amount0
Summary
Alt ticks will not be set if
bal1 == amount0
Vulnerability Detail
Let's look at the code of
_setAltTicks
As we can see, we have a check if
amount0 < bal1
and ifbal1 < amount0
. However, if the two balances are equal, alt ticks will not be set.This would cause old ticks to once again be used after rebalancing and liquidity being put in wrong/ out-of-range ticks.
Impact
AltTicks
will be wrong, resulting in worse liquidity management and ultimately less accrued fees for protocol usersCode Snippet
https://github.com/sherlock-audit/2024-05-beefy-cowcentrated-liquidity-manager/blob/main/cowcentrated-contracts/contracts/strategies/velodrome/StrategyPassiveManagerVelodrome.sol#L672
Tool used
Manual Review
Recommendation
Change the
else if
toelse