-
Notifications
You must be signed in to change notification settings - Fork 1
IllIllI - Stop-loss orders do not become marketable orders #233
Comments
would classify this as a medium, the oracle should sign a price in the block in which the order was submitted, the likelihood that the price was out of range by then should be small, it is somewhat similar to the chance of submitting a market order and price moves past the acceptable price |
Escalate for 10 USDC. the severity should be high. the impact:
basically this is equal to lack of slippage protection! |
You've created a valid escalation for 10 USDC! To remove the escalation from consideration: Delete your comment. You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final. |
Will leave this up to Sherlock |
Result: |
Escalations have been resolved successfully! Escalation status:
|
fixed in gmx-io/gmx-synthetics@3243138 the code was updated to allow stop-loss orders to be executed if the trigger price was crossed |
IllIllI
high
Stop-loss orders do not become marketable orders
Summary
Stop-loss orders do not execute if the market has moved since the order was submitted.
Vulnerability Detail
This is the normal behavior for a stop-loss order in financial markets: "A stop-loss order becomes a market order as soon as the stop-loss price is reached. Since the stop loss becomes a market order, execution of the order is guaranteed, but not the price." - https://www.wikihow.com/Set-Up-a-Stop%E2%80%90loss-Order . In the GMX system, stop-loss orders will be unexecutable if the price has moved since the order was submitted to the mempool, because the primary and secondary prices are required to straddle the trigger price.
Another way this could happen is if there's an oracle outage, and the oracles come back after the trigger price has been passed.
Impact
Since the stop-loss will revert if a keeper tries to execute it, essentially the order becomes wedged and there will be no stoploss protection.
Consider a scenario where the price of token X is $100, and a user who is long is in a profit above $99, but will have a loss at $98, so they set a stoploss with a trigger price of $99 and submit the order to the mempool. By the time the block gets mined 12 seconds later, the primary and secondary prices are $97/$96, and the order becomes unexecutable.
Code Snippet
Stop-loss orders revert if the primary price and secondary price don't straddle the trigger price
https://github.com/sherlock-audit/2023-04-gmx/blob/main/gmx-synthetics/contracts/order/BaseOrderUtils.sol#L270-L286
The revert is allowed to cause the order to fail:
https://github.com/sherlock-audit/2023-04-gmx/blob/main/gmx-synthetics/contracts/exchange/OrderHandler.sol#L263-L270
Tool used
Manual Review
Recommendation
Don't revert if both the primary and secondary prices are worse than the trigger price.
The text was updated successfully, but these errors were encountered: