Closed sherlock-admin4 closed 1 week ago
ZeroTrust
High
When the poolValue is 0, the corresponding market will experience a DoS
In RedeemProcess.sol, _executeRedeemStakeToken will revert, When the poolValue is 0
_executeRedeemStakeToken
function _executeRedeemStakeToken( LpPool.Props storage pool, Redeem.Request memory params, address baseToken ) internal returns (uint256) { ExecuteRedeemCache memory cache; cache.poolValue = pool.getPoolValue(); cache.totalSupply = TokenUtils.totalSupply(pool.stakeToken); cache.tokenDecimals = TokenUtils.decimals(baseToken); @>> if (cache.poolValue == 0 || cache.totalSupply == 0) { revert Errors.RedeemWithAmountNotEnough(params.account, baseToken); } //skip ...... }
In MintProcess.sol, _executeMintStakeUsd will revert, When the poolValue is 0
_executeMintStakeUsd
function computeStakeAmountFromMintToken( LpPool.Props storage pool, uint256 mintAmount ) public view returns (uint256) { uint256 totalSupply = TokenUtils.totalSupply(pool.stakeToken); uint8 tokenDecimals = TokenUtils.decimals(pool.baseToken); uint256 poolValue = pool.getPoolValue(); uint256 mintStakeTokenAmount; if (totalSupply == 0 && poolValue == 0) { mintStakeTokenAmount = mintAmount; } else if (totalSupply == 0 && poolValue > 0) { mintStakeTokenAmount = mintAmount + CalUtils.usdToToken( poolValue, tokenDecimals, OracleProcess.getLatestUsdUintPrice(pool.baseToken, true) ); @>> } else if (poolValue == 0) { revert Errors.PoolValueIsZero(); } //skip .. }
and getPoolAvailableLiquidity() will be 0. It’s very likely for poolValue to be 0 because it bears the counterparty risk for both long and short positions of users. Then the corresponding market will experience a DoS。
the corresponding market will experience a DoS
https://github.com/sherlock-audit/2024-05-elfi-protocol/blob/main/elfi-perp-contracts/contracts/process/RedeemProcess.sol#L133
https://github.com/sherlock-audit/2024-05-elfi-protocol/blob/main/elfi-perp-contracts/contracts/process/MintProcess.sol#L276
Manual Review
Take measures to ensure that positions are closed when there is a significant buffer in poolValue.
Invalid, if pool value is zero than there is nothing to redeem, I don't see the issue here
ZeroTrust
High
When the poolValue is 0, the corresponding market will experience a DoS
Summary
When the poolValue is 0, the corresponding market will experience a DoS
Vulnerability Detail
In RedeemProcess.sol,
_executeRedeemStakeToken
will revert, When the poolValue is 0In MintProcess.sol,
_executeMintStakeUsd
will revert, When the poolValue is 0and getPoolAvailableLiquidity() will be 0. It’s very likely for poolValue to be 0 because it bears the counterparty risk for both long and short positions of users. Then the corresponding market will experience a DoS。
Impact
the corresponding market will experience a DoS
Code Snippet
https://github.com/sherlock-audit/2024-05-elfi-protocol/blob/main/elfi-perp-contracts/contracts/process/RedeemProcess.sol#L133
https://github.com/sherlock-audit/2024-05-elfi-protocol/blob/main/elfi-perp-contracts/contracts/process/MintProcess.sol#L276
Tool used
Manual Review
Recommendation
Take measures to ensure that positions are closed when there is a significant buffer in poolValue.