Skip to content
This repository has been archived by the owner on Sep 15, 2024. It is now read-only.

GiuseppeDeLaZara - LeverageExecutor is not working inside BBLeverage and SGLeverage #78

Closed
sherlock-admin3 opened this issue Mar 15, 2024 · 1 comment
Closed

GiuseppeDeLaZara - LeverageExecutor is not working inside BBLeverage and SGLeverage #78

sherlock-admin3 opened this issue Mar 15, 2024 · 1 comment
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A valid Medium severity issue Reward A payout will be made for this issue

Comments

@sherlock-admin3
Copy link
Contributor

sherlock-admin3 commented Mar 15, 2024
edited
Loading

GiuseppeDeLaZara

high

LeverageExecutor is not working inside BBLeverage and SGLeverage

Summary

The buyCollateral and sellCollateral functions inside the BBLeverage and SGLeverage contracts are non-functional as there is no implementation of getCollateral and getAsset in the current LeverageExecutor interface.

Vulnerability Detail

BBLeverage::buyCollateral and SGLeverage::buyCollateral are calling LeverageExecutor::getCollateral.

BBLeverage::sellCollateral and SGLeverage::buyCollateral are calling LeverageExecutor::getAsset.

However, these functions have completely different interfaces inside all the implementations of BaseLeverageExecutor, e.g.
AssetToSGLPLeverageExecutor, AssetTotsDaiLeverageExecutor, SimpleLeverageExecutor.

It seems in the previous versions of Tapioca leverageExecutor had the interface that is now expected by BBLeverage and SGLeverage. This was probably introduced during the migration to new leverageExecutor.

Neverthless, the current buyCollateral and sellCollateral functions are non-functional as there is no implementation of getCollateral and getAsset in the current LeverageExecutor interface.

Impact

The buyCollateral and sellCollateral function inside the BBLeverage and SGLeverage contracts are non-functional as there is no implementation of getCollateral and getAsset in the current LeverageExecutor interface.
As this is a core functionality of the leverage contracts, it is a high-severity issue.

Code Snippet

Tool used

Manual Review

Recommendation

Change the logic inside the BBLeverage and SGLeverage contracts to use the correct interface of LeverageExecutor for getAsset and getCollateral functions, and pass the correct arguments to these functions.

Duplicate of #115
@github-actions github-actions bot added Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Mar 20, 2024
@sherlock-admin3
Copy link
Contributor Author

1 comment(s) were left on this issue during the judging contest.

WangAudit commented:

BaseLeverageExecutor doesn't inherit ILeverageExecutor. If we look at Market.sol (this is where we declare leverageExecutor) it's ILeverageExecutor type. And this interface indeed has assetId as an input parameter -> BaseLeverageExecutor will not be called here cause BaseLeverageExecutor doesn't inherit ILeverageExecutor

@sherlock-admin3 sherlock-admin3 changed the title Rural Amethyst Tapir - LeverageExecutor is not working inside BBLeverage and SGLeverage GiuseppeDeLaZara - LeverageExecutor is not working inside BBLeverage and SGLeverage Mar 31, 2024
@sherlock-admin3 sherlock-admin3 added the Reward A payout will be made for this issue label Mar 31, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A valid Medium severity issue Reward A payout will be made for this issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin3