In the redeemCollateral
and liquidate
you are not validating the passed collateral token to see if it's allowed or not.
if invalid token is passed both functions will revert but the error message is not user freindly, here is the reason why function revert:
user pass token in redeemCollateral
which is not allowed as collateral, the tx will revert because of underflow in line 285
user pass token in liquidate
which is not allowed as collateral, the tx will revert beacuse of calling a function on address zero in line 345
you can use isAllowedToken
in both functions so if the tx reverted, user knows the reason and it is good user experience
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.