Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Ostium>Medium findings>The value of ,groupsCollaterals, could exceed ,groupMaxCollateral
GeneralOverview
Findings
Critical (2)
High (3)
Medium (6)The `maxAllowedCollateral` check could be bypassedPremium price feeds are not usedValue of `groupsCollaterals` could exceedExtra `PRECISION_6` divides `utilizationFee`Incorrect funding-rate calculation due to roundingCentralization risk of trusted owner
Low (6)
Informational (2)
DiscussionRemoval of trading pairs is not supportedIncorrect last updated block number for TP and SLTradeUtils used as a library for address
Threat ModelWhat are threat models?Delegatable.solOstiumOpenPnl.solOstiumTrading.solOstiumVault.sol
Audit ResultsSummary
Category: Business Logic

The value of groupsCollaterals could exceed groupMaxCollateral

Medium Severity
Medium Impact
High Likelihood

Description

When a new trade is created, the value of groupsCollaterals is increased by the amount of collateral added in that trade. This ensures that the total collateral of the group does not increase the groupMaxCollateral, as verified in the withinExposureLimits function. Although the group collateral is updated using updateGroupCollateral when new trade is created, this value is not updated when topUpCollateral is called to add more collateral in an open trade.

Additionally, the verification to ensure that the new groupsCollaterals remains below the groupMaxCollateral is absent within the same function.

Impact

When collateral is added using the topUpCollateral function, the new collateral could bypass the groupMaxCollateral, breaking the invariant.

Recommendations

Add the new collateral value to the groupsCollaterals mapping and verify that the new value of groupsCollaterals remains below the groupMaxCollateral.

Remediation

This issue has been acknowledged by Ostium Labs, and a fix was implemented in commit 6181f69e.

Zellic © 2024Back to top ↑