search

sherlock-audit / 2024-08-velar-artha-judging

6 stars 2 forks source link

0xbranded - Use of block.number to represent passage of time #11

Closed sherlock-admin3 closed 1 week ago

sherlock-admin3 commented 1 week ago

0xbranded

Medium

Use of block.number to represent passage of time

Summary

The use of block.number will result in inaccurate or inconsistent fee calculations, since block times are not fixed.

Vulnerability Detail

block.number is used to calculate the passage of time since the last fee update in fees.vy.

  new_terms: uint256   = block.number - fs.t1
... 
  borrowing_long_sum  : uint256 = self.extend(fs.borrowing_long_sum,  fs.borrowing_long,  new_terms)
  borrowing_short_sum : uint256 = self.extend(fs.borrowing_short_sum, fs.borrowing_short, new_terms)
  funding_long_sum    : uint256 = self.extend(fs.funding_long_sum,    fs.funding_long,    new_terms)
  funding_short_sum   : uint256 = self.extend(fs.funding_short_sum,   fs.funding_short,   new_terms)

However, there have been numerous instances of inconsistent block times, in which case block number would not be representative of the passage of time.

Given that the protocol will be deployed on a new chain, the risk of inconsistent block times is exacerbated, as has been observed with Canto, Solana, and Starknet, in which cases block production was halted entirely. Additionally, the BOB chain's development roadmap introduces possible future changes (or volatility) in block time, especially in transition periods where the settlement layer is changed.

While the admin can change fee parameters in response to changing blocktimes on the BOB chain, this approach will not mitigate volatility in blocktimes, nor halts in block generation.

Impact

When blocktimes speed up, users will overpay fees, while if blocktimes slow down, underpayments of fees will occur. Fee payments will generally be inconsistent, and trust in the system will be eroded. In the event of a halt in block production, no funding (or borrowing) payments will be made during that time, allowing some positions to remain unliquidated for a longer period of time and depriving positions / lps of any fees.

Code Snippet

Tool used

Manual Review

Recommendation

Consider changing fee calculations to use timestamps instead of block numbers, given the predictability of block.timestamp, as it also does not compromise the security of the system.

msheikhattari commented 1 week ago

Escalate

Can I get more context on why this was invalidated? It's not just relating to network liveness.

sherlock-admin3 commented 1 week ago

Escalate

Can I get more context on why this was invalidated? It's not just relating to network liveness.

You've created a valid escalation!

To remove the escalation from consideration: Delete your comment.

You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.