Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aslanbek - Actual funding can be lower than intended due to precision loss in utilization #60

Closed
sherlock-admin4 opened this issue Sep 9, 2024 · 7 comments
Closed

aslanbek - Actual funding can be lower than intended due to precision loss in utilization #60

sherlock-admin4 opened this issue Sep 9, 2024 · 7 comments
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Escalation Resolved This issue's escalations have been approved/rejected Medium A Medium severity issue. Reward A payout will be made for this issue

Comments

@sherlock-admin4
Copy link
Contributor

sherlock-admin4 commented Sep 9, 2024
edited by WangSecurity
Loading

aslanbek

Medium

Actual funding can be lower than intended due to precision loss in utilization

Summary

Because params#utilization is not multiplied by a precision factor, computed utilization can be up to 100% lower than the actual one (i.e. 0 instead of ~1), which in turn would make funding fees up to 100% lower than intended.

Root Cause

Absense of precision factor in params#utilization (and absence of division by the same factor in params#scale).

Impact

Shorts/longs receive up to 100% less funding fees from longs/shorts than they should.

PoC

base_reserves = 101e18
base_interest = 1e18
utilization = 1e18 / (101e18 / 100) = 1e18 / 1.01e18 = 0

Mitigation

utilization should be multiplied by 1e18 (or another suitable precision factor).
scale should be divided by the same value.

Duplicate of #72
@github-actions github-actions bot added the Excluded Excluded by the judge without consulting the protocol or the senior label Sep 11, 2024
@sherlock-admin3 sherlock-admin3 changed the title Proper Vermilion Mule - Actual funding can be lower than intended due to precision loss in utilization aslanbek - Actual funding can be lower than intended due to precision loss in utilization Sep 11, 2024
@sherlock-admin3 sherlock-admin3 added the Non-Reward This issue will not receive a payout label Sep 11, 2024
@aslanbekaibimov
Copy link

Escalate

Valid Medium

Causes a loss of funds but requires certain external conditions or specific states, or a loss is highly constrained. The losses must exceed small, finite amount of funds, and any amount relevant based on the precision or significance of the loss.

@sherlock-admin3
Copy link
Contributor

Escalate

Valid Medium

Causes a loss of funds but requires certain external conditions or specific states, or a loss is highly constrained. The losses must exceed small, finite amount of funds, and any amount relevant based on the precision or significance of the loss.

You've created a valid escalation!

To remove the escalation from consideration: Delete your comment.

You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.

@sherlock-admin4 sherlock-admin4 added the Escalated This issue contains a pending escalation label Sep 12, 2024
@WangSecurity
Copy link

@aslanbekaibimov could you make a scenario showcasing how the utilisation can be so low?

@rickkk137 rickkk137 mentioned this issue Sep 23, 2024
Open
@aslanbekaibimov
Copy link

Let's say we have ETH/USDT pair, 1 ETH = 2000 USDT

base_reserves == 101e18 from the report can happen if someone deposits 101e18 ETH

base_interest == 1e18 from the report can happen if someone opens a relatively small long position

E.g. LP Alice provides 101e18 ETH and 202_000e6 USDT via mint (1e18 ETH = 2000e6 USDT)

Trader Bob opens a long of 0.5e18 ETH with 2000e6 USDT of collateral without leverage

base_interest = interest.base = position.interest_tagged.base = interest = virtual_tokens * leverage = quote_to_base(2000 USDT to ETH) = 1e18

@WangSecurity
Copy link

Thank you for that numerical POC. The issue is correct and indeed identifies a precision loss leading to a loss of funds. Planning to accept the escalation and validate with medium severity. This issue will be duplicated with #72, since #72 has the POC in the report.

@WangSecurity WangSecurity added Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. and removed Excluded Excluded by the judge without consulting the protocol or the senior labels Sep 28, 2024
@sherlock-admin2 sherlock-admin2 added Reward A payout will be made for this issue and removed Non-Reward This issue will not receive a payout labels Sep 28, 2024
@WangSecurity
Copy link

Result:
Medium
Duplicate of #72

@sherlock-admin2 sherlock-admin2 removed the Escalated This issue contains a pending escalation label Sep 28, 2024
@sherlock-admin3 sherlock-admin3 added the Escalation Resolved This issue's escalations have been approved/rejected label Sep 28, 2024
@sherlock-admin3
Copy link
Contributor

Escalations have been resolved successfully!

Escalation status:

@WangSecurity WangSecurity mentioned this issue Oct 9, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Escalation Resolved This issue's escalations have been approved/rejected Medium A Medium severity issue. Reward A payout will be made for this issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@aslanbekaibimov @WangSecurity @sherlock-admin2 @sherlock-admin3 @sherlock-admin4