executeLimitOrder()
calls modifyLongOi()
and modifyShortOi()
with wrong position size
#431
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-576
satisfactory
satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/Trading.sol#L513-L517
Vulnerability details
Impact
executeLimitOrder()
callsmodifyLongOi()
andmodifyShortOi()
with wrong position size, causes the following state variables wrongly updatedProof of Concept
The vulnerability points
Tools Used
VS Code
Recommended Mitigation Steps
Use margin after fee to calculate position.
The text was updated successfully, but these errors were encountered: