FLO-14: Deposit Rate Limiting Throttles Critical Rebalance Top-Ups #223
Description
Severity: Medium
Files Affected
cadence/contracts/FlowALPv1.cdc
Description
In _rebalancePositionNoLock (lines 3566–3670), when a position is under-collateralized and needs urgent top-up from its topUpSource, the deposited funds go through _depositEffectsOnly (line 3607), which applies both global and per-user deposit rate limits: // _rebalancePositionNoLock, under-collateralized branch: let pulledVault <- topUpSource.withdrawAvailable(maxAmount: idealDeposit) self._depositEffectsOnly(pid: pid, from: <-pulledVault) // rate-limited! // Inside _depositEffectsOnly (lines 2816-2830): let depositLimit = tokenState.depositLimit() if depositAmount > depositLimit { let queuedDeposit <- from.withdraw(amount: depositAmount - depositLimit) // excess is queued, not deposited } If the source provides 1000 tokens but the deposit limit is 200, only 200 is deposited — the remaining 800 is queued for future asyncUpdate cycles. The position remains under-collateralized and could be liquidated before the queued deposits are processed. Rebalance is a health- critical pool-internal operation; it should not be subject to rate limits designed for user-facing deposits.
Recommendation
Bypass deposit rate limiting for rebalance deposits, either by adding an internal flag to _depositEffectsOnly to skip rate limiting, or by using a separate deposit path for rebalance operations.
Parent Issue: #209