Rounding error in calculation _calculateHealthFactor()
Summary
An issue arises in DSCEngine.sol _calculateHealthFactor method when the USD value of the collateral is less than 2. The resulting health factor calculation is inaccurate due to integer truncation in Solidity. This problem could lead to user loosing funds as small quantities of collateral may not be redeemable when technically they should be.
Vulnerability Details
The specific issue occurs within the _calculateHealthFactor method in DSCEngine.sol. When the value of the collateral in USD is less than $2, such as $1.5, and the totalDscMinted is 1, the computed health factor becomes invalid. The reason behind this due to integer truncation in Solidity, leading to truncation to 0 which is not the correct output.
Impact
User can loos funds as they might be unable to redeem small amounts of collateral based on their position's health even when technically it should be possible.
Tools Used
Slither:
DSCEngine._calculateHealthFactor(uint256,uint256) (src/DSCEngine.sol#337-345) performs a multiplication on the result of a division:
collateralAdjustedForThreshold = (collateralValueInUsd * LIQUIDATION_THRESHOLD) / LIQUIDATION_PRECISION (src/DSCEngine.sol#343)
(collateralAdjustedForThreshold * 1e18) / totalDscMinted (src/DSCEngine.sol#344)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply
Recommendations
To avoid truncation and ensure a precise health factor calculation, the _calculateHealthFactor() function can be refactored as follow:
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.