The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: low
Valid

Users can frontrun bad liquidations with a withdrawal from the Liquidation Pool to avoid losses.

Summary

Users can frontrun liquidation calls on bad debt to avoid having their euros tokens slashed. The losses are therefore socialized across the remaining stakers.

Vulnerability Details

In the distributeAssets function of the LiquidationPool contract, after a successful liquidation, stakers lose some of their staked euros tokens in exchange for a part of the collateral of the liquidated user. In the case of bad debt, the collateral received is worth less than the euros tokens burnt. Stakers can then frontrun the liquidation call and withdraw their stake to avoid the slashing.

Impact

The contract implements a timelock system for deposits into the system. However, no such system exists for withdrawals, so users can unstake at a moment's notice. As a result, stakers, or the liquidators themselves, can withdraw their tokens before the liquidation call and then deposit them back in after the bad liquidation has been processed. This way, they avoid having their euros tokens slashed.

Tools Used

Manual Review

Recommendations

Consider adding either an unstaking fee or time lock system for withdrawals. This will prevent users from frontrunning bad liquidations.
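
The effect of the recommended withdrawal time lock can be checked with a small accounting model. This is an added example, not code from the LiquidationPool contract: the Pool class, its method names, the pro-rata split, and all amounts are constructed assumptions used only to compare instant withdrawals with delayed ones.

```python
# Simplified model (assumption): burnt euros and received collateral are
# shared pro rata to stake. Not the contract's actual implementation.
class Pool:
    def __init__(self, withdraw_delay):
        self.withdraw_delay = withdraw_delay  # blocks; 0 models instant withdrawal
        self.block = 0
        self.stake = {}       # staker -> euros still exposed to liquidations
        self.wallet = {}      # staker -> euros already withdrawn
        self.collateral = {}  # staker -> value of collateral received, in euros
        self.exits = {}       # staker -> (amount, unlock_block)

    def deposit(self, who, amount):
        self.stake[who] = self.stake.get(who, 0) + amount
        self.wallet.setdefault(who, 0)
        self.collateral.setdefault(who, 0)

    def request_withdraw(self, who, amount):
        # The stake stays slashable until the delay has elapsed.
        self.exits[who] = (amount, self.block + self.withdraw_delay)
        self.finalize_withdraw(who)

    def finalize_withdraw(self, who):
        if who not in self.exits or self.block < self.exits[who][1]:
            return False
        amount, _ = self.exits.pop(who)
        paid = min(amount, self.stake[who])  # cannot exit with more than remains
        self.stake[who] -= paid
        self.wallet[who] += paid
        return True

    def distribute(self, burn, collateral_value):
        total = sum(self.stake.values())
        if total == 0:
            return
        for who, s in list(self.stake.items()):
            self.stake[who] -= burn * s // total
            self.collateral[who] += collateral_value * s // total

def net_loss_after_bad_liquidation(withdraw_delay):
    pool = Pool(withdraw_delay)
    pool.deposit("alice", 1000)
    pool.deposit("bob", 1000)
    pool.request_withdraw("alice", 1000)             # submitted just before the liquidation
    pool.distribute(burn=500, collateral_value=300)  # constructed bad debt: 200 shortfall
    pool.block += withdraw_delay
    pool.finalize_withdraw("alice")
    return {w: 1000 - (pool.stake[w] + pool.wallet[w] + pool.collateral[w])
            for w in ("alice", "bob")}
```

With a delay of 0 the remaining staker absorbs the whole 200 shortfall; with any positive delay the exiting stake is still slashed and the shortfall is split 100 each.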

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

frontrun-distrubutefees

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

frontrun-feedist-low
