only the portion that needs to be taken out to balance the user's health factor in liquidate() should be removable not the entire collateral.
Vulnerability Details
Liquidation can be exploited by the liquidator to maximize their gains at the expense of the defaulter, resulting in the liquidation of almost all of the defaulter's collateral. To address this, the liquidate code should be updated to ensure that the liquidator can only withdraw an amount that is necessary to help the defaulter recover their account to a healthier state. Currently, the liquidator can use debtToCover to liquidate the entirety of the defaulter's collateral, leaving the defaulter with very little.
Impact
Due to excessive liquidation, the user may experience losses of some or all of their tokens, as the liquidation occurs at a discount rather than at par or premium.
Tools Used
Manual Review
Recommendation
To mitigate this issue, it is advisable to modify the code and restrict liquidators to withdraw only the number of tokens required to restore the user's health factor. This safeguard will prevent excessive liquidation and potential losses for the user.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.