15,000 USDC
View results
Submission Details
Severity: low

Improper Health Factor Assessment During Liquidate Operation

Summary

The DSCEngine contract contains an inverted health factor check in the liquidate function. Instead of verifying that the user's health factor is below the minimum required value (MIN_HEALTH_FACTOR) for liquidation, the function checks if the health factor is greater than or equal to the minimum value. This inconsistency can lead to incorrect liquidation behavior, potential system instability, and confusion in error messages.

Vulnerability Details

The vulnerable code segment is from the liquidate function in the DSCEngine contract:

function liquidate(address collateral, address user, uint256 debtToCover) external moreThanZero(debtToCover) nonReentrant {
// Need to check health factor of the user
uint256 startingUserHealthFactor = _healthFactor(user);
if (startingUserHealthFactor >= MIN_HEALTH_FACTOR) {
revert DSCEngine__HealthFactorOk();
}
// Rest of the liquidation process...
}

Impact

Incorrect Liquidation Behavior: Due to the inverted health factor check, the liquidate function may wrongly permit liquidation for users whose health factor is above the minimum threshold (MIN_HEALTH_FACTOR) while denying liquidation for unhealthy accounts. This can result in an imbalanced system, allowing unhealthy accounts to remain unaffected.

Tools Used

Manual

Recommendations

error DSCEngine__HealthFactorNotImproved();
function liquidate(address collateral, address user, uint256 debtToCover) external moreThanZero(debtToCover) nonReentrant {
// Need to check health factor of the user
uint256 startingUserHealthFactor = _healthFactor(user);
if (startingUserHealthFactor >= MIN_HEALTH_FACTOR) {
revert DSCEngine__HealthFactorNotImproved();
}
// Rest of the liquidation process...
}

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.