globalShortAveragePrices
, which directly impacted AUM calculations used for GLP token minting and redemption. The attacker used reentrancy to establish massive short positions within a single transaction, artificially inflating GLP prices.
The critical vulnerability chain:
executeDecreaseOrder
accepted a contract address instead of EOA