Opyn Gamma - OpenZeppelin
Last updated
Was this helpful?
Last updated
Was this helpful?
Nevertheless, if the user sends more than the necessary ETH for the batch of actions, the remaining ETH (stored in the ethLeft variable after the last iteration) will not be returned to the user and will be locked in the contract due to the lack of a withdrawEth function.
Consider either returning all the remaining ETH to the user or creating a function that allows the user to collect the remaining ETH after performing a Call action type, taking into account that sending ETH with a push method may trigger the fallback function on the callerβs address.
The Protocol uses 2 time-based prices to value all the actions related to assets: live and expired prices.
Here are other examples of things that could cause a market to become insolvent:
The price of the underlying (or borrowed) asset makes a big, quick move during a time of high network congestion.
The price oracle temporarily goes offline during a time of high market volatility. This could result in the oracle not updating the asset prices until after the market has become insolvent.
The admin or oracle steals enough collateral that the market becomes insolvent.
Administrators list an ERC20 token with a later-discovered bug that allows minting of arbitrarily many tokens. This bad token is used as collateral to borrow funds that it never intends to repay.
In any case, the effects of an insolvent market could be disastrous. It may result in a βrun on the bankβ situation, with the last suppliers out losing their money. It is important to know that this risk does exist and it can be difficult to recover from even a small dip into insolvency.
Consider adding a liquidation process to prevent insolvent vaults, carefully selecting the whitelisted assets for the protocol, adding more test units, and running a testnet version to understand how other assets may cause an undercollateralized scenario.
Consider validating if the assets involved in a product have been already whitelisted before allowing the creation of oTokens.
Consider being as general as possible and assuming that these functions may not be implemented in the whitelisted assets.
Update: The Opyn team explained their views regarding this issue in a follow-up discussion. They decided not to implement any fixes and, instead, they will rely on the admin process of whitelisting underlying ERC20 tokens that conform to the requirements of their system. In the future, if the need arises, they intend to upgrade the system to support a broader range of ERC20 tokens.
Nevertheless, at the exact time of expiry, none of the time-based actions will succeed because that moment is not included in either of those 2 conditions and the transaction will revert.
Because it is based on a European option, actions that happen after maturity should be able to be called at the exact time of expiry. Consider including and defining the expiration time to either of the 2 conditions so transactions will not revert.
The withdrawer smart contract does not implement a payable fallback function.
The withdrawer smart contract implements a payable fallback function which uses more than 2300 gas units.
The withdrawer smart contract implements a payable fallback function which needs less than 2300 gas units but is called through a proxy that raises the callβs gas usage above 2300.
Consider preventing an external call on behalf of the Controller contract when the destination address is not a CalleeInterface type of contract and it is not a whitelisted address.
The [Controller contract]() allows users to send arbitrary actions such as possible through the [_call internal function]().
Among other features, it allows sending ETH with the action to then perform a call to a [CalleeInterface type of contract]().
To do so, it saves the original msg.value sent with the [operate function call]() in the [ethLeft variable]() and it after each one of those calls to revert in case that it is not enough.
Update: Fixed in where the payable property is removed from the operate function. However this change also means it is impossible to do outbound calls which require ETH through the operate function.
The are used by the [getExcessCollateral function]() from the MarginCalculator contract to calculate the margin of a vault the oToken expires. After the oToken expires, the is then used to calculate the vault margin.
Because the may not be the same as the or the , it is not guaranteed that the collateralβs expiration price will be higher than its price in any point in the past, when the oToken has not expired yet, resulting in a possible undercollateralized situation for vaults.
Even though collateral assets must be whitelisted to be able to be used in the platform, with the caveat described in the issue oToken can be created with a non-whitelisted collateral asset, assets such as cTokens from Compound that are supposed to gain value over time may suffer a drop in their values due to , which produced a drop in value for cDai token. When the value of all collateral is worth less than the value of all borrowed assets, we say a market is insolvent. In case the platform allows the usage of non-monotonically-increasing price assets, the insolvency may be caused by a simple market price fluctuation.
Although the [AddressBook contract includes a slot for a liquidator manager](), the system currently does not have any liquidation process, any vault is susceptible to becoming insolvent during the payout of the options right after expiration.
Update: Fixed in , the Opyn team restricted all oTokens issued on the protocol to be collateralized with the exact payout asset depending on the oToken type(strike asset for PUT options and underlying asset for CALL options). Although this update restricted what Options the Opyn protocol can issue, it eliminated the risk of protocol become insolvent. We suggest a liquidation component to be ready in the future should the Opyn Team decide to remove PR 355 restriction, and get it thoroughly audited.
A product consists of a set of assets and an option type. Each product has to be whitelisted by the admin using the from the Whitelist contract.
Then, a user can call the from the OtokenFactory with the same assets and option type, and because the product is whitelisted, the will succeed.
However, although the product has been whitelisted, the collateral itself may not be approved. This is because the whitelistProduct() function does not check against the if that collateral is allowed in the platform or not. Therefore, the first engagement with the collateral will appear on from Controller.sol, where the transaction will revert when the user wants to deposit some collateral in their vault.
Update: Fixed in where the collateral asset is required to be whitelisted during the process of whitelisting the product.
A new oToken can be created by calling the from the OtokenFactory contract and passing the whitelisted assets, among other parameters.
During the , the code calls the which retrieves the standardized symbol and name for that oToken.
Nevertheless, the same function , but because the , these external calls may fail if those are not implemented and the oToken will not be created.
Similarly, the decimals() function is optional and ERC20 compliant assets may not include such function. Although in this scenario an oToken could be created using those assets, any action that would trigger the from the Controller contract will revert either in line or from MarginCalculator.sol.
The oToken contract defines an in which certain operations will no longer be active due to the expiration of the option. The option style used for the Protocol is the in which the exercise of the option comes at maturity.
Some actions that can be performed before the expiration time are or ; while after the expiration time it can be or .
Update: Fixed in .
When withdrawing ETH deposits, the [PayableProxyController contract]() uses Solidityβs . This has some notable shortcomings when the withdrawer is a smart contract, which can render ETH deposits impossible to withdraw. Specifically, the withdrawal will inevitably fail when:
To prevent unexpected behavior and potential loss of funds, consider explicitly warning end-users about the mentioned shortcomings to raise awareness before they deposit Ether into the protocol. Additionally, note that the available in OpenZeppelin Contractβs Address library can be used to transfer the withdrawn Ether without being limited to 2300 gas units. Risks of reentrancy stemming from the use of this function can be mitigated by tightly following the and using OpenZeppelin Contractβs [ReentrancyGuard contract](). For further reference on why using Solidityβs transfer() is no longer recommended, refer to these articles:
Update: Fixed in .
The [Controller contract]() is the usersβ front gate. With it, they can interact with the protocol to either open a new vault, deposit collateral or redeem their oTokens.
Besides those actions, the contract allows the execution of a more general transaction to be used as a in other projects by formatting the call with the [CallArgs struct format]().
By doing this, if the user submits that action in the , the call would jump into the to then perform an external call to the in the [callee address]().
However, if the callee address is not a [CalleeInterface based contract]() but it has either a fallback or payable fallback function in it, and the whitelisted addresses, the call coming from the Controller contract will end up executing any code under the fallback function on behalf of the Controller contractβs address. This other address could be either an asset that may be part of the whitelisted assets in the protocol or a future contract of the project that allows the execution of sensitive actions by the Controller contract.
