Event in secondaryLiquidation could be misused to show false liquidations
Summary
The liquidateSecondary function in the protocol is designed to emit events detailing the specifics of liquidation, which can be crucial for other protocols or front-end integrations that track secondary liquidations within the protocol. One of the values emitted is batches, which indicates which positions got liquidated. However the function emits the batches array as it initially receives it, even though it may skip positions that are not eligible for liquidation during its execution. This implies that the emitted event could represent incorrect data, indicating positions as liquidated even if they were not, due to their ineligibility.
Impact
This inconsistency in the emitted event data can lead to incorrect data, indicating positions as liquidated even if they were not.
Tools Used
Manual Analysis
Recommendations
Modify the batches array before emitting it in the event, ensuring it accurately reflects the positions that were actually liquidated.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.