Collateral/Debt balance solvency manipulation
Summary
The protocol may appear to be solvent while being insolvent because collateral can be deposited on the protocol without any debt being issued in parallel.
Vulnerability Details
Since users can deposit collateral through depositCollateral() without taking on debt (Dsc minting). The protocol collateral/debt balance can be inflated. Moreover, the same users can redeem their collateral through redeemCollateral() without any check on restriction. Therefore if the collateral/debt balance seemed solvent but wasn't due to the fact that part of the collateral wasn't backed by debt, and the user retrieve his collateral through redeemCollateral(), the protocol can find itself insolvent instantly.
Impact
Imagine the following scenario:
Collateral Deposit without Underlying Debt
Eve, holding a substantial amount of tokens, decides to deposit a portion into the DSCEngine contract using the depositCollateral() function. This action inflates the apparent value of the contract, making it appear more solvent than it is in reality. Eve has not borrowed anything from the system, so there's no debt backing this collateral.
Collateral Redemption at Will
Bob, a system user, checks the solvency of the DSCEngine and finds it to be robust, largely due to Eve's significant deposit. Believing in the system's soundness, Bob decides to deposit some of her assets as well and borrows against it.
Later, Eve decides to withdraw his collateral by calling the redeemCollateral() function, which is allowed as there are no restrictions on this function, and he had no underlying debt. The overall solvency of the DSCEngine contract drops significantly.
System Appears Insolvent, Effects on Users
Alice, another user, examines the solvency of the DSCEngine contract after Eve's withdrawal and finds it much less solvent than before. This sudden drop in solvency could prompt Alice to also withdraw her collateral out of fear, which would further destabilize the system.
Meanwhile, Bob, who believed the system was solvent when she made her deposit and loan, could be at risk if too many users follow Alice's actions, potentially leading to a liquidity crunch.
Potential for System Manipulation
Given the current system design, Eve and a group of users with significant funds could repetitively deposit and withdraw collateral to manipulate the perceived solvency of the DSCEngine contract, inducing panic or false confidence in other users like Alice and Bob. This manipulation contradicts the decentralized, trust-based nature of the system.
This scenario illustrates the implications of the vulnerability and how users could potentially misuse it.
Tools Used
Manual review
Recommendations
Prevent users from depositing collateral without issuing debt.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.