15,000 USDC
Submission Details
Severity: high
Valid

Liquidation reverts when the collateralization ratio is low, even if the protocol is not insolvent

Summary

As stated in the comment, there is no way to recover when the protocol is insolvent. However, liquidation can become impossible if the user's collateral ratio is low, even when there is enough funding in the protocol. An underflow during collateral redemption could cause protocol insolvency that cannot be recovered from.

Vulnerability Details

During the liquidation process, the following steps are taken:

  1. The liquidator calculates tokenAmountFromDebtCovered based on the amount of DSC they are repaying on the user's behalf.

  2. Multiply tokenAmountFromDebtCovered by 1.1 to get totalCollateralToRedeem.

  3. Transfer totalCollateralToRedeem from the person being liquidated to the liquidator.

  4. Burn the DSC that the liquidator repaid on the user's behalf.

In the third step, if totalCollateralToRedeem is greater than the amount of tokens the person being liquidated has provided as collateral, an underflow occurs, causing the transaction to revert.

    function _redeemCollateral(address from, address to, address tokenCollateralAddress, uint256 amountCollateral)
        private
    {
        s_collateralDeposited[from][tokenCollateralAddress] -= amountCollateral; // <= underflow!
        emit CollateralRedeemed(from, to, tokenCollateralAddress, amountCollateral);
        bool success = IERC20(tokenCollateralAddress).transfer(to, amountCollateral);
        if (!success) {
            revert DSCEngine__TransferFailed();
        }
    }

Performing partial liquidation will not result in an underflow, but it will increase the health factor, causing a DSCEngine__HealthFactorNotImproved error. This issue could occur even when the DSCEngine contract has enough funds internally, and if accumulated, could negatively impact the protocol.

    uint256 endingUserHealthFactor = _healthFactor(user);
    if (endingUserHealthFactor <= startingUserHealthFactor) {
        revert DSCEngine__HealthFactorNotImproved();
    }
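
The two revert paths described above, modelled in Python as an added example (not the protocol's Solidity code and not part of the original submission). It assumes a simplified health factor equal to collateral value divided by debt and skips the protocol's precondition checks; `liquidate`, `outcome` and `liquidatable_amounts` are hypothetical names, and the positions are constructed.

```python
from fractions import Fraction

BONUS = Fraction(11, 10)  # step 2 on the page: seize 1.1x the debt covered


class Revert(Exception):
    """Models an EVM revert; the message is the revert reason."""


def health_factor(collateral, debt, price):
    # Simplified (assumption): collateral value / debt; zero debt means unbounded health.
    return float("inf") if debt == 0 else Fraction(collateral) * price / debt


def liquidate(collateral, debt, debt_to_cover, price=1):
    """Return (collateral, debt) after the liquidation, or raise Revert."""
    start = health_factor(collateral, debt, price)
    seized = Fraction(debt_to_cover) / price * BONUS   # steps 1 and 2
    if seized > collateral:                            # step 3: checked uint256 subtraction
        raise Revert("arithmetic underflow")
    collateral, debt = collateral - seized, debt - debt_to_cover  # steps 3 and 4
    if health_factor(collateral, debt, price) <= start:
        raise Revert("DSCEngine__HealthFactorNotImproved")
    return collateral, debt


def outcome(collateral, debt, debt_to_cover, price=1):
    """'ok' or the revert reason for one liquidation attempt."""
    try:
        liquidate(collateral, debt, debt_to_cover, price)
        return "ok"
    except Revert as reason:
        return str(reason)


def liquidatable_amounts(collateral, debt, price=1):
    """Every whole-DSC repayment amount for which liquidation succeeds."""
    return [x for x in range(1, debt + 1) if outcome(collateral, debt, x, price) == "ok"]


if __name__ == "__main__":
    # Constructed position: 105 USD of collateral backing 100 DSC (ratio below 110%).
    print(outcome(105, 100, 100))               # full liquidation
    print(outcome(105, 100, 50))                # partial liquidation
    print(liquidatable_amounts(105, 100))       # no repayment amount succeeds
    print(len(liquidatable_amounts(150, 100)))  # constructed position at 150%
```

In this model, a position below a 110% ratio has no repayment amount that passes both checks, while the constructed position at 150% can be liquidated for any amount.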

Impact

If this situation occurs frequently, it could lead to the protocol becoming insolvent. This could result in significant financial losses for users and could potentially make the protocol unusable.

Tools Used

VS Code

Recommendations

To prevent this from happening, you could consider removing the health factor check logic, so that users can partially liquidate.
