DittoETH

Ditto
DeFi, Foundry, Oracle
55,000 USDC
Submission Details
Severity: low
Invalid

lingering bids can be instantly liquidated if collateral ratios are increased in the future

Summary

When users place short orders, they need to over-collateralize their positions, ensuring that they are above a set collateral ratio (CR). While these orders can stay in the system for an indefinite time, the system allows adjustment of the protocol's collateral ratios. A potential issue could arise as the system doesn't verify whether the lingering orders still comply with the new ratios when they are matched, creating a scenario where orders can be matched at an unhealthy rate, or in extreme cases, they can be instantly liquidated.

Vulnerability Details

The protocol has the ability to modify the collateral ratios through functions like setInitialMargin, setPrimaryLiquidationCR, and setSecondaryLiquidationCR. However, when orders are lingering in the system and then finally matched, the protocol does not reassess whether the order still adheres to the newly adjusted ratios. This means, if the ratios are increased while an order is still waiting to be matched, it could lead to a situation where the order is matched but is below the newly set healthy rate, causing it to be instantly liquidated.

Here’s a hypothetical scenario:

  1. A user places a short order, over-collateralizing it as per the current ratios.

  2. The order remains unmatched for a while.

  3. In the meantime, the protocol’s set ratios are increased.

  4. Finally, the order gets matched without revalidation against the new ratios.

  5. The order is potentially at an unhealthy rate and could face instant liquidation.

Impact

This flaw could lead to unintentional and sudden liquidation of user positions that were initially considered healthy according to the earlier set ratios.

Tools Used

Manual Analysis

Recommendations

Introduce a validation step when an order is matched to check whether it complies with the current set ratios.
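
The scenario above and the recommended match-time check, as an added Python model that is not DittoETH's code and not part of the original submission. The class and function names, the simplified collateral accounting and the ratio values (500/400 raised to 600/550) are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Params:
    # Hypothetical stand-ins for the admin-set ratios, in percent.
    initial_margin: int
    primary_liquidation_cr: int

@dataclass
class ShortOrder:
    debt_value: int   # value of the debt the order would mint
    collateral: int   # collateral locked when the order was placed

    def cr(self) -> int:
        return self.collateral * 100 // self.debt_value

def place_short(params: Params, debt_value: int) -> ShortOrder:
    # Lock exactly what the ratio in force at placement requires.
    return ShortOrder(debt_value, debt_value * params.initial_margin // 100)

def match_short(params: Params, order: ShortOrder, revalidate: bool) -> str:
    # Outcome of matching a resting order under the ratios in force now.
    if revalidate and order.cr() < params.initial_margin:
        return "rejected"  # recommended check: stale order is not matched
    if order.cr() < params.primary_liquidation_cr:
        return "matched-liquidatable"  # opens below the liquidation line
    if order.cr() < params.initial_margin:
        return "matched-below-margin"
    return "matched-healthy"

def scenario(new_margin: int, new_liq_cr: int, revalidate: bool) -> str:
    params = Params(initial_margin=500, primary_liquidation_cr=400)  # constructed
    order = place_short(params, debt_value=1_000)   # steps 1-2: placed, unmatched
    params.initial_margin = new_margin              # step 3: ratios raised
    params.primary_liquidation_cr = new_liq_cr
    return match_short(params, order, revalidate)   # steps 4-5: match outcome

if __name__ == "__main__":
    for margin, liq in [(500, 400), (600, 450), (600, 550)]:
        for check in (False, True):
            print(margin, liq, check, scenario(margin, liq, check))
```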

Updates

Lead Judging Commences

0xnevi Lead Judge
almost 2 years ago
Submission Judgement Published
Invalidated
Reason: Admin Input/call validation
