Category: Coding Mistakes

Incorrect minimum-TVL module-parameter check

Low Severity
Low Impact
Low Likelihood

Description

The vip module has two parameters, the minimum_tvl and the maximum_tvl. These parameters can be updated with the chain signer. An invariant requires that minimum_tvl always be less than or equal to maximum_tvl.

The function to update the minimum_tvl is as follows.

public entry fun update_minimum_tvl(
    chain: &signer,
    minimum_tvl: u64,
) acquires ModuleStore {
    check_chain_permission(chain);
    let module_store = borrow_global_mut<ModuleStore>(signer::address_of(chain));
    assert!(minimum_tvl >= 0,error::invalid_argument(EINVALID_MIN_TVL));
    module_store.minimum_tvl = minimum_tvl;
}

Note that the check for the minimum_tvl is incorrect and always passes: minimum_tvl is a u64, which is unsigned, so minimum_tvl >= 0 is true for every possible value. It should check that the minimum_tvl is less than the maximum_tvl.

Impact

It is possible to create a condition where the invariant is violated by calling this function. This issue is low impact since only an improperly formed call with chain permissions can trigger it.

Recommendations

Fix the check to correctly ensure the TVL limits are reasonable.
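
One way to write the corrected check, as an added example rather than Initia's code or its actual remediation; it enforces the invariant as stated in the Description (minimum_tvl less than or equal to maximum_tvl). The module address, the error values, the maximum_tvl field name and the body of check_chain_permission are assumptions, and the unit tests assume the Move standard library is available as std.

```move
// Added example, not Initia's code. The address 0xcafe, the error values, the
// maximum_tvl field name and this check_chain_permission body are assumptions.
module 0xcafe::vip_params {
    use std::error;
    use std::signer;

    const EUNAUTHORIZED: u64 = 1;
    const EINVALID_MIN_TVL: u64 = 2;

    struct ModuleStore has key {
        minimum_tvl: u64,
        maximum_tvl: u64,
    }

    // Hypothetical stand-in for the project's permission check.
    fun check_chain_permission(chain: &signer) {
        assert!(signer::address_of(chain) == @0xcafe, error::permission_denied(EUNAUTHORIZED));
    }

    public entry fun update_minimum_tvl(
        chain: &signer,
        minimum_tvl: u64,
    ) acquires ModuleStore {
        check_chain_permission(chain);
        let module_store = borrow_global_mut<ModuleStore>(signer::address_of(chain));
        // `minimum_tvl >= 0` is a tautology for u64; compare with the stored
        // upper bound so that minimum_tvl <= maximum_tvl holds after the write.
        assert!(
            minimum_tvl <= module_store.maximum_tvl,
            error::invalid_argument(EINVALID_MIN_TVL)
        );
        module_store.minimum_tvl = minimum_tvl;
    }

    #[test(chain = @0xcafe)]
    fun accepts_minimum_equal_to_maximum(chain: &signer) acquires ModuleStore {
        move_to(chain, ModuleStore { minimum_tvl: 0, maximum_tvl: 100 });
        update_minimum_tvl(chain, 100);
        assert!(borrow_global<ModuleStore>(@0xcafe).minimum_tvl == 100, 0);
    }

    // invalid_argument(2) encodes as (0x1 << 16) | 2 in the Move standard library.
    #[test(chain = @0xcafe)]
    #[expected_failure(abort_code = 0x10002, location = Self)]
    fun rejects_minimum_above_maximum(chain: &signer) acquires ModuleStore {
        move_to(chain, ModuleStore { minimum_tvl: 0, maximum_tvl: 100 });
        update_minimum_tvl(chain, 101);
    }
}
```

Any setter for maximum_tvl needs the mirror-image comparison against the stored minimum_tvl, otherwise the invariant can still be broken from the other side.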

Remediation

Zellic © 2024