According to the contract design of DSCEngine, a defaulter is supposed to be eligible for liquidation when their health factor falls below MIN_HEALTH_FACTOR. However, the current implementation allows the user to liquidate themselves and retrieve all their collateral without any penalty for defaulting. This is not intended behavior, as a separate liquidator user should perform liquidation.
Although this loophole doesn't result in a loss of funds for the protocol, it undermines one of the core functionalities of the protocol by providing defaulters with an incentive to default.
Manual Review
To address this issue, add the line of code below to the DSCEngine::liquidate() function:
This requirement ensures that only users other than the defaulter can initiate the liquidation process, preventing defaulters from exploiting the system for their benefit.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.