The Standard

DeFiHardhat
20,000 USDC
Submission Details
Severity: low
Valid

If a token is removed from `acceptedTokens`, liquidators won't receive reward

Summary

I mark the following vulnerability with L because the probability is low, but the impact is heavy and, depending on the protocol's plan for managing tokens, the impact could be bigger.
Currently there is a whitelist of tokens allowed as collateral when a user borrows. The problem is that on every action, the list is fetched and iterated.

Vulnerability Details

Suppose a user borrows 100 euro with 200 USDC as collateral, and after some time the team decides to remove USDC because of its blacklist feature and because it is not working well with it. At that moment the borrower's position would immediately be counted as unhealthy, because `euroCollateral` loops through all accepted tokens dynamically. Two bad impacts follow from here:

Impact

  • The user's vault can be liquidated without the user being at fault

  • If the position really is liquidatable, the funds won't be transferred to stakers, because again only funds inside `acceptedTokens` are used

Tools Used

Manual Review

Recommendations

  • Save the accepted tokens in storage on vault deployment if you plan to maintain different `acceptedTokens` and safely remove items
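
The scenario above as a small JavaScript model, added here as an illustration and not taken from The Standard's contracts. Apart from `acceptedTokens` and `euroCollateral`, every name is hypothetical, and the prices and the 120% minimum collateral ratio are assumed sample values. It compares a vault that reads the list dynamically with one that snapshots it at deployment, as the recommendation suggests.

```javascript
// Simplified model, not The Standard's contract code. Prices, the 120% minimum
// ratio and all names except acceptedTokens/euroCollateral are assumptions.
const MIN_RATIO = 1.2;
const priceEur = { USDC: 1.0, WETH: 2000 }; // constructed sample prices

class TokenManager {
  constructor(tokens) { this.acceptedTokens = [...tokens]; }
  removeAcceptedToken(sym) {
    this.acceptedTokens = this.acceptedTokens.filter((t) => t !== sym);
  }
}

class Vault {
  // snapshot=true models the recommendation: copy the list at deployment.
  constructor(manager, { snapshot }) {
    this.manager = manager;
    this.snapshot = snapshot ? [...manager.acceptedTokens] : null;
    this.balances = {};
    this.minted = 0;
  }
  tokens() { return this.snapshot ?? this.manager.acceptedTokens; }
  deposit(sym, amount) { this.balances[sym] = (this.balances[sym] || 0) + amount; }
  mint(eur) { this.minted += eur; }
  // Only tokens in the list contribute to the collateral value.
  euroCollateral() {
    return this.tokens().reduce((sum, t) => sum + (this.balances[t] || 0) * priceEur[t], 0);
  }
  undercollateralised() { return this.euroCollateral() < this.minted * MIN_RATIO; }
  // Returns what liquidation hands to stakers: only listed tokens move.
  liquidate() {
    if (!this.undercollateralised()) throw new Error("vault is healthy");
    const out = {};
    for (const t of this.tokens()) {
      if (this.balances[t]) { out[t] = this.balances[t]; this.balances[t] = 0; }
    }
    return out;
  }
}

// 200 USDC deposited, 100 euro minted, then USDC is removed from the list.
function scenario(snapshot) {
  const manager = new TokenManager(["USDC", "WETH"]);
  const vault = new Vault(manager, { snapshot });
  vault.deposit("USDC", 200);
  vault.mint(100);
  const healthyBefore = !vault.undercollateralised();
  manager.removeAcceptedToken("USDC");
  const unhealthyAfter = vault.undercollateralised();
  const paidOut = unhealthyAfter ? vault.liquidate() : null;
  return { healthyBefore, unhealthyAfter, paidOut, strandedUSDC: vault.balances.USDC };
}
```

With the dynamic list, the vault becomes liquidatable the moment USDC is removed, and the liquidation pays out nothing while the 200 USDC stays in the vault; with the snapshot, the position stays healthy.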

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

remove-token

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

removetoken-low
