15,000 USDC
View results
Submission Details
Severity: low
Valid

User health rate is underestimated to be liquidated

Summary

When calculating _calculateHealthFactor, there is an accuracy error of first dividing and then multiplying, which leads to underestimating the user's health.

Vulnerability Details

function _calculateHealthFactor(uint256 totalDscMinted, uint256 collateralValueInUsd)
internal
pure
returns (uint256)
{
if (totalDscMinted == 0) return type(uint256).max;
uint256 collateralAdjustedForThreshold = (collateralValueInUsd * LIQUIDATION_THRESHOLD) / LIQUIDATION_PRECISION;
return (collateralAdjustedForThreshold * 1e18) / totalDscMinted;
}
  1. collateralValueInUsd will first multiply by 50 divided by 100, which is the same as dividing by 2, which has a precision error with only one point.

  2. collateralAdjustedForThreshold will multiply by 1e18, which magnifies the precision error to 1e18.

Let me give you a specific example:

  1. collateralValueInUsd = 101, collateralAdjustedForThreshold = 101 / 2 = 50

  2. totalDscMinted = 50, _calculateHealthFactor = 1e18

  3. liquidate needs healthFactor >= MIN_HEALTH_FACTOR, So the user can be liquidated

  4. But actually the user's healthFactor = 101 * 1e18 / 2 / 50 = 1.01e18 > MIN_HEALTH_FACTOR, users should not be liquidated

Impact

User health rate is underestimated to be liquidated

Tools Used

Manual review

Recommendations

Like the above method, you should multiply by 1e18 before dividing

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.