011.md

Lucky Peach Barbel

High

If context.global.assets is zero the _socialize function will return UFixed6Lib.ZERO, effectively preventing users from claiming any assets

The _update function allows users to deposit assets, redeem shares, and claim assets. However, there is a critical flaw in the handling of claimAssets. Specifically, the function uses the following logic to determine the claim amount:

UFixed6 claimAmount = _socialize(context, claimAssets);

The _socialize function calculates the claim amount based on the proportion of claimAssets to the total global assets, but it does not account for the possibility that context.global.assets could be zero. If context.global.assets is zero, the calculation:

return context.global.assets.isZero() ?
            UFixed6Lib.ZERO :
            claimAssets.muldiv(
                UFixed6Lib.unsafeFrom(context.totalCollateral).min(context.global.assets),
                context.global.assets
            );

will return UFixed6Lib.ZERO, effectively preventing users from claiming any assets, even if there are assets available in the vault.

Impact:

Users may be unable to claim their assets, even if the vault has sufficient collateral.

Example Scenario:

• A user attempts to claim assets (claimAssets) from the vault.
• Due to a temporary state where context.global.assets is zero (e.g. during a rebalance or settlement), the _socialize function returns UFixed6Lib.ZERO.
• The user receives no assets, even though the vault has sufficient collateral to fulfill the claim.

Fix:

the _socialize function should handle the case where context.global.assets is zero by allowing users to claim their proportional share of the total collateral.