Platform: Code4rena
Start Date: 17/02/2022
Pot Size: $75,000 USDC
Total HM: 20
Participants: 39
Period: 7 days
Judges: moose-code, JasoonS
Total Solo HM: 13
Id: 89
League: ETH
Rank: 5/39
Findings: 3
Award: $6,078.68
🌟 Selected for report: 3
🚀 Solo Findings: 2
🌟 Selected for report: 0xliumin
2785.5118 USDC - $2,785.51
A user can get a much larger portion of the pool as it recovers from a debt seizure. The intent of the insurance pool seems to be that it could recover from a bad debt event.
seizeBadDebt is called with 2e18. Now, there are pendingObligations = 1e18, and there is 0 vusd in the insurance fund. shares = 1e18 * 1e18 / 1. As a result, Bob will get 1e36 shares, diluting Alice's share of the pool. Bob will be able to take a much larger share of all future profits from the insurance fund until more bad debt is seized. Bob only provided 2e18 + 1 liquidity, but received an exponentially larger number of shares than Alice.
It depends on how you want this to work. You could keep track of the total amount ever contributed by users, and use that for calculations. Or just make staking 1 vUSD = 1 share if the pool total is below the total number of shares.
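The share arithmetic described in this finding, as an added Python model (not the project's contract code and not part of the original report). The class and method names, Alice's initial 1e18 deposit, 1:1 minting into an empty pool, and incoming vUSD settling pending obligations before it counts toward the pool are assumptions; the one_to_one_floor flag implements the report's suggestion of 1 vUSD = 1 share while the pool total is below the total number of shares.

```python
# Added model of the finding's share math; NOT the audited contract's code.
# Assumptions (not on the page): all names, Alice's 1e18 first deposit, 1:1 minting
# into an empty pool, and incoming vUSD settling pending obligations first.
E18 = 10**18

class InsuranceFundModel:
    def __init__(self, one_to_one_floor=False):
        self.pool = 0        # vUSD held by the fund
        self.pending = 0     # pendingObligations
        self.shares = {}     # LP name -> share balance
        self.one_to_one_floor = one_to_one_floor  # mitigation suggested in the finding

    def seize_bad_debt(self, amount):
        paid = min(amount, self.pool)
        self.pool -= paid
        self.pending += amount - paid    # shortfall is carried as an obligation

    def pay_in(self, amount):
        # vUSD arriving without minting shares: obligations are settled first.
        settled = min(amount, self.pending)
        self.pending -= settled
        self.pool += amount - settled

    def deposit(self, lp, amount):
        if self.pending != 0:
            raise ValueError("pending obligations must be settled before deposits")
        total = sum(self.shares.values())
        impaired = self.one_to_one_floor and self.pool < total
        if total == 0 or self.pool == 0 or impaired:
            minted = amount                          # 1 vUSD = 1 share
        else:
            minted = amount * total // self.pool     # pro-rata: amount * totalShares / pool
        self.pool += amount
        self.shares[lp] = self.shares.get(lp, 0) + minted
        return minted

def run_scenario(one_to_one_floor):
    """Return (shares minted to Bob, Alice's ownership in parts per million)."""
    fund = InsuranceFundModel(one_to_one_floor)
    fund.deposit("alice", E18)
    fund.seize_bad_debt(2 * E18)      # pool -> 0, pendingObligations -> 1e18
    fund.pay_in(E18 + 1)              # settles 1e18, leaves 1 wei in the pool
    bob = fund.deposit("bob", E18)    # Bob has now provided 2e18 + 1 in total
    total = sum(fund.shares.values())
    return bob, fund.shares["alice"] * 10**6 // total

if __name__ == "__main__":
    for floor in (False, True):
        print("one_to_one_floor =", floor, "->", run_scenario(floor))
```

With the floor disabled Bob is minted 1e36 shares and Alice's ownership rounds to zero; with it enabled Bob is minted 1e18 shares and the two LPs hold equal stakes.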
#0 - atvanguard
2022-03-01T03:38:15Z
We are still evaluating this. It might be changed to sponsor disputed.
#1 - atvanguard
2022-03-01T19:47:22Z
Disputing this. It is by design. LPs who were in the insurance fund will be burnt during a bad debt settlement.
🌟 Selected for report: 0xliumin
2785.5118 USDC - $2,785.51
settleFunding calls will revert until all AMMs are ready to be updated.
You shouldn't revert at the place mentioned in the links to affected code. Just return so that the other AMMs can still get updated.
🌟 Selected for report: 0xliumin
Also found by: WatchPug, hyh, minhquanym
507.6595 USDC - $507.66
Assets sent from MarginAccount to InsuranceFund will be locked forever
The insurance fund doesn't have a way to transfer non-vusd out of the contract.
Assets transferred to the InsuranceFund will be locked forever.
Have a way for governance to sweep tokens to swap them.
#0 - atvanguard
2022-02-24T03:55:53Z
Yes, this is a known issue and already on our roadmap.
#1 - moose-code
2022-03-06T08:12:09Z
The insurance fund contract is also upgradeable, so it's a fairly simple fix to upgrade and to sweep the tokens out when the time comes - i.e. tokens won't be lost forever. Still would be better to have it in from the start to avoid this process. Considering moving to medium. Assessing other issues first, will circle back.
#2 - moose-code
2022-03-09T20:57:04Z
Moving to medium as contracts are upgradeable so the tokens can always be collected later. If the contract was non-upgradeable I would have left as high.