Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Wasabi Perps>High findings>Unused on-chain interest calculation
GeneralOverview
Findings
Critical (2)
High (1)Unused on-chain interest calculation
Medium (1)
Low (4)
Informational (2)
DiscussionLimited test coverageThe difficulty of analyzing code that relies on offchain components
Threat ModelWhat are threat models?BaseWasabiPool.solDebtController.solWasabiLongPool.solWasabiShortPool.solWasabiVault.sol
Audit ResultsSummary
Category: Coding Mistakes

Unused on-chain interest calculation

High Severity
Medium Impact
High Likelihood

Description

When closing a short position, the short pool computes the amount of interest required from the user. However, the result of the calculation is not used.

function _closePositionInternal(
    bool _unwrapWETH,
    uint256 _interest,
    Position calldata _position,
    FunctionCallData[] calldata _swapFunctions
) internal returns(uint256 payout, uint256 principalRepaid, uint256 interestPaid, uint256 feeAmount) {
    if (positions[_position.id] != _position.hash()) revert InvalidPosition();
    if (_swapFunctions.length == 0) revert SwapFunctionNeeded();

    _interest = _computeInterest(_position, _interest);
    // [...]

The _interest variable is not used anywhere in _closePositionInternal.

Impact

Ignoring the computed interest removes any on-chain check regarding the amount of interest paid. This means that there is no on-chain enforcement of any upper or lower limit to the interest the user has to pay.

Recommendations

Check that the user has paid the amount of interest computed on chain.

Remediation

This issue has been acknowledged by Wasabi, and a fix was implemented in commit dacffc05.

The team implemented checks that ensure the amount of interest repaid is within 3% of the on-chain computed interest. While the 3% margin of error is not necessary, this fix does constrain the amount of interest repaid.

Zellic © 2024Back to top ↑