Platform: Code4rena
Start Date: 05/08/2021
Pot Size: $50,000 USDC
Total HM: 9
Participants: 16
Period: 7 days
Judge: 0xean
Total Solo HM: 4
Id: 22
League: ETH
Rank: 13/16
Findings: 2
Award: $491.06
🌟 Selected for report: 0
🚀 Solo Findings: 0
139.9465 USDC - $139.95
loop
Multiple markets can be created before being initialized since createNewSyntheticMarket and initializeMarket are separate functions. The SyntheticTokens used in initialization will however always be those of the latest market created.
Let's create two synthetic markets using the createNewSyntheticMarket function, first TokenA then TokenB, without invoking initializeMarket inbetween market creation. The global variable latestMarket will have been increased by 2 now, correctly pointing to TokenB as the latest market. The synthetic tokens used for the market will also be created during this function.
When trying to initialize the market for TokenA using the initializeMarket function, the staker funds that will be added are those of the latestMarket (the synthetic tokens for TokenB). The same goes for the minting of the synthetic tokens in _seedMarketInitially. As a result it is not possible to initialize the market for TokenA anymore since it is not the latest market.
A potential issue might also arise for adding staking funds when the marketIndex used in initializeMarket is smaller than the value of latestMarket. The marketIndex given to addNewStakingFund is that of latestMarket. This might result in staking funds being created for a marketIndex at a higher value. Since addNewStakingFunds does not set marketExists for that specific marketIndex to true, if tokenB now gets initialized at the same marketIndex as latestMarket, it will now overwrite the previously initialized staking funds.
Editor
Make sure a market gets initialized before creating a new one.
#0 - JasoonS
2021-08-11T05:22:07Z
This is somewhat a duplicate of #9 - but kind of misses some of the nuance?
The mitigation isn't possible, our initialize function needs to be separate due to gas limits (deploying two custom erc20 tokens is expensive gas wise!)
Mitigation in other issue is correct.
351.1121 USDC - $351.11
loop
No impact on whether the protocol works, as uint32 is likely what's meant to be used. Can be confusing when reading the code as the comment states marketIndex is an int32.
Comments on the following lines in LongShort.sol: 222, 303, 332, 505, 768, 788, 800, 823, 830, 842, 868, 875, 887, 927, 934, 946, 970, 994, 1034, 1053, 1060, 1074, 1093 and 1120
#0 - JasoonS
2021-08-11T05:12:17Z
Duplicate #27 , thanks