Summary

The DSCEngine.liquidate function only succeeds when the health of the account to be liquidated is restored (Link).

The issue is that liquidations might not be possible.

The account might hold different collaterals and liquidating any one of them is insufficient to bring up the health factor.

Vulnerability Details

Imagine a situation where there are 4 collaterals:
Token A, B, C, D

There are tokens minted and the value for each collateral is $100 (the collateral has lost value), which means that the total collateral value is .

Assuming DSC is 200% collateralized the account is now liquidatable.

However the account cannot be liquidated because by liquidating any of the collaterals we can only achieve a collateralization ratio of (without even considering the liquidation bonus which lowers the actual liquidation ratio that we can achieve).

Impact

It might be impossible to liquidate accounts in the case that there are quick drops in the collateral value.
So the user does not have to fear liquidation and can restore his account health when he wants.

Also the protocol runs into the risk of accruing bad debt which can cause DSC to depeg from USD.

Tools Used

Manual Review

Recommendations

It doesn't seem necessary to check that the health factor is restored after a call to liquidate.

What's important is that the account health is improved which is ensured by this check:

Link

So I recommend to remove the line that reverts when the health is not restored (Link).