Attractive Raisin Sheep
High
The deposit and withdraw functions in the CDS.sol contract can always revert because any user can increase the storage variable downsideProtected as they wish.
In CDS.sol:829 there is a missing check on updateDownsideProtected function.
Thus anyone can increase downsideProtected as they wish.
function updateDownsideProtected(uint128 downsideProtectedAmount) external {
downsideProtected += downsideProtectedAmount;
}No response
No response
- An attacker calls the
updateDownsideProtectedfunction on theCDScontract withdownsideProtectedAmountset to nearlytype(uint256).max. https://github.com/sherlock-audit/2024-11-autonomint/blob/main/Blockchain/Blockchian/contracts/Core_logic/CDS.sol#L829 - As a result, the
depositandwithdrawfunctions will always revert for all subsequent calls made by users.
The CDS contract will be rendered inoperable since the deposit and withdraw functions, which are core features of this contract, will always revert.
In short, CDS contract will be broken.
The _updateCurrentTotalCdsDepositedAmount function is invoked within the deposit and withdraw functions to adjust totalCdsDepositedAmount and totalCdsDepositedAmountWithOptionFees based on the downsideProtected amount.
https://github.com/sherlock-audit/2024-11-autonomint/blob/main/Blockchain/Blockchian/contracts/Core_logic/CDS.sol#L234
https://github.com/sherlock-audit/2024-11-autonomint/blob/main/Blockchain/Blockchian/contracts/Core_logic/CDS.sol#L324
If anyone sets downsideProtected to nearly type(uint256).max, these calculations will always fail and cause a revert because of underflow of uint256.
https://github.com/sherlock-audit/2024-11-autonomint/blob/main/Blockchain/Blockchian/contracts/Core_logic/CDS.sol#L835
Restrict the updateDownsideProtected function so that it can only be called by the admin or owner of the contract(it can be core contracts in this protocol).