An issue arises in DSCEngine.sol
_calculateHealthFactor
method when the USD value of the collateral is less than 2. The resulting health factor calculation is inaccurate due to integer truncation in Solidity. This problem could lead to user loosing funds as small quantities of collateral may not be redeemable when technically they should be.
The specific issue occurs within the _calculateHealthFactor method in DSCEngine.sol. When the value of the collateral in USD is less than $2, such as $1.5, and the totalDscMinted
is 1, the computed health factor becomes invalid. The reason behind this due to integer truncation in Solidity, leading to truncation to 0 which is not the correct output.
User can loos funds as they might be unable to redeem small amounts of collateral based on their position's health even when technically it should be possible.
Slither:
DSCEngine._calculateHealthFactor(uint256,uint256) (src/DSCEngine.sol#337-345) performs a multiplication on the result of a division:
collateralAdjustedForThreshold = (collateralValueInUsd * LIQUIDATION_THRESHOLD) / LIQUIDATION_PRECISION (src/DSCEngine.sol#343)
(collateralAdjustedForThreshold * 1e18) / totalDscMinted (src/DSCEngine.sol#344)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply
To avoid truncation and ensure a precise health factor calculation, the _calculateHealthFactor()
function can be refactored as follow:
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.