Submission Details
Severity: high

`burnDsc` function allows undercollateralized users to burn their dsc and avoid liquidation.

Summary

In the burnDsc function a user can burn his dsc even if he is under the 200% collateralization ratio.

Vulnerability Details

In the `burnDsc` function, `_burnDsc` is called before `_revertIfHealthFactorIsBroken`. Because of this, a user who is undercollateralized and about to be liquidated can just call `_burnDsc` and burn all of his DSC, leaving him with 0 DSC. Then `_revertIfHealthFactorIsBroken` is called, and since the user now has 0 DSC and only collateral, his health factor will come out as healthy. Therefore an undercollateralized user can avoid liquidation and leave the protocol with bad debt.

Impact

Protocol will become undercollateralized over time. Complete loss of funds for the protocol.

Tools Used

Manual review

Recommendations

Calculate the health factor first, before burning.
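
The two call orderings discussed in this finding, as a simplified Python model (an added example, not the protocol's own code). The class and method names are hypothetical, and the 50% threshold and minimum health factor of 1 are assumptions chosen to match the 200% ratio mentioned above.

```python
# Simplified model of the call ordering in the finding; not the DSCEngine source.
# Assumed constants: 50% of collateral value counts toward the health factor
# (the 200% ratio on the page) and the minimum health factor is 1.
LIQUIDATION_THRESHOLD = 50
LIQUIDATION_PRECISION = 100
MIN_HEALTH_FACTOR = 1.0


class HealthFactorBroken(Exception):
    """Stands in for the revert raised by _revertIfHealthFactorIsBroken."""


class Position:  # hypothetical stand-in for one user's account
    def __init__(self, collateral_usd, dsc_minted):
        self.collateral_usd = collateral_usd
        self.dsc_minted = dsc_minted

    def health_factor(self):
        if self.dsc_minted == 0:
            return float("inf")  # no debt: always counts as healthy
        adjusted = self.collateral_usd * LIQUIDATION_THRESHOLD / LIQUIDATION_PRECISION
        return adjusted / self.dsc_minted

    def _revert_if_health_factor_is_broken(self):
        if self.health_factor() < MIN_HEALTH_FACTOR:
            raise HealthFactorBroken(f"health factor {self.health_factor():.2f}")

    def _burn_dsc(self, amount):
        if amount > self.dsc_minted:
            raise ValueError("cannot burn more DSC than was minted")
        self.dsc_minted -= amount

    def burn_dsc_check_after(self, amount):
        """Ordering described in the finding: burn, then check."""
        snapshot = self.dsc_minted
        self._burn_dsc(amount)
        try:
            self._revert_if_health_factor_is_broken()
        except HealthFactorBroken:
            self.dsc_minted = snapshot  # a revert undoes the state change
            raise

    def burn_dsc_check_before(self, amount):
        """Ordering from the recommendation: check, then burn."""
        self._revert_if_health_factor_is_broken()
        self._burn_dsc(amount)
```

With constructed values of 150 USD collateral and 100 DSC minted (health factor 0.75), the check-after ordering accepts a full burn, while the check-before ordering reverts and leaves the position unchanged.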
