logo
Steadefi Documentation
/
Security
/
Audits
/
Codehawks Public Audit Mitigation Report

M-15. GMXVault can stop working in case if GMX will change `Keys.MAX_CALLBACK_GAS_LIMIT` to smaller than 2 millions

Submitted by rvierdiiev, inzinko, 0xffchain. Selected submission by: rvierdiiev.

Relevant GitHub Links

https://github.com/Cyfrin/2023-10-SteadeFi/blob/main/contracts/strategy/gmx/GMXWorker.sol#L60

Summary

Keys.MAX_CALLBACK_GAS_LIMIT is configurable param inside GMX protocol, which can be changed to value that is smaller than 2 millions. As Steadefi doesn't callback gas limit is hardcoded, deposits and withdraws can fail.

Vulnerability Details

GMXWorker library is used to send requests directly to GMX protocol. It contains addLiquidity and removeLiquidity functions that will create request on GMX and will be waiting for execution. Both these functions set 2 millions of gas as callbackGasLimit.
When deposit or withdraw request is handled on GMX side, then callbackGasLimit is validated to be not bigger than it's allowed. Keys.MAX_CALLBACK_GAS_LIMIT value is configurable and can be changed by GMX team. And in case if it will be less than 2 million, then all deposits and withdraws requests from steadefi will be reverted.
I leave this as medium severity, because of the fact that callback limit should be decreased first in order to create problems.

Impact

Deposits and withdraws from steadefi will be blocked.

Tools Used

VsCode

Recommendations

Make callbackGasLimit to be configurable.
L-15. ChainlinkARBOracle.consult will revert phase id was increased for chainlink aggregator
M-09. `emergencyClose()` may fail to repay any debt
Powered by Notaku
Share
Content
M-15. GMXVault can stop working in case if GMX will change `Keys.MAX_CALLBACK_GAS_LIMIT` to smaller than 2 millions
Relevant GitHub Links
Summary
Vulnerability Details
Impact
Tools Used
Recommendations