Combining short records might delay the liquidation time
Summary
Combining short records might delay the liquidation time.
Vulnerability Details
The time difference between now and updatedAt of a short determines its liquidation time, which is a pivotal factor in deciding the liquidation phase of a short. The 3 distinct phases are
#1 Pre-Primary Liquidation: No liquidation allowed.
#2 Between Primary and Secondary Liquidation: Only the flagger can liquidate.
#3 Post-Secondary, Pre-Reset Liquidation: Anyone can start liquidation.
where stage 1 has the shortest duration since the updatedAt time, while stage 3 has the longest.
When combining multiple shorts into one, the system uses the most recent updatedAt of all the original shorts.
Refer to ShortRecordFacet#combineShorts
Malicious traders can exploit this by combining many shorts with one having the latest healthy updatedAt, thus prolonging their short positions.
Impact
Short records which are meant to be liquidated, would get held back.
Analysis Method
Manual
Recommendations
There are some ways to solve this. I would suggest
Instead of just taking the most recent updatedAt from all shorts for a combined record, it's better to use an average. For example, if Alice has three shorts:
1st updatedAt = 4 hour ago
2nd updatedAt = 6 hours ago
3rd updatedAt = 8 hours ago
When you combine them, the new updatedAt should be 6 hours, the average of all three. This is a fairer method than just taking the latest time which is 4 hours ago as the updatedAt value.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.