The Standard

DeFiHardhat
20,000 USDC
Submission Details
Severity: low
Invalid

`distributeAssets` is at risk of DoS

Summary

If a collateralToken/acceptedToken has more than 18 decimals, then distributeAssets will always revert due to an underflow.

The list of acceptedTokens comes from TokenManager, which is now a live contract, and as I checked, it is possible to add a token with more than 18 decimals:

```solidity
ITokenManager.Token[] memory tokens = ITokenManager(manager.tokenManager()).getAcceptedTokens();
```

This means a token with more than 18 decimals may be added to acceptedTokens in the future; the sponsor has confirmed this and said it should be reported.

Vulnerability Details

Some tokens have more than 18 decimals (e.g. NEAR with 24 decimals), so if such a token gets added to acceptedTokens, distributeAssets will underflow:

```solidity
uint256 costInEuros = _portion * 10 ** (18 - asset.token.dec) * uint256(assetPriceUsd) / uint256(priceEurUsd)
    * _hundredPC / _collateralRate;
```

The line above calculates how much EUROs should be burnt against the amount of collateral that is liquidated. Note the `18 - asset.token.dec` term.

`asset.token.dec` refers to the decimals of the accepted token (the tokens that the borrower provides to borrow EUROs). So what happens if a token with more than 18 decimals (e.g. NEAR with 24 decimals) gets added to acceptedTokens?

`(18 - asset.token.dec) = 18 - 24 = -6`

This causes an underflow, which reverts all the transactions.

Impact

distributeAssets will be out of service.

Tools Used

Manual Review

Recommendations

Consider checking whether the token's decimals are greater than 18.
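
The reported expression next to two ways of handling tokens with more than 18 decimals, as an added example that is not The Standard's code. The variable names quoted in the report are reused; the contract name, function names, custom error and the `uint8` type of the decimals value are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example, not the project's code. Contract, function and error names
// and the uint8 decimals type are assumptions made for illustration.
contract DecimalScalingExample {
    error UnsupportedDecimals(uint8 dec);

    // Reported form: `18 - dec` is checked unsigned arithmetic in Solidity >= 0.8,
    // so any dec > 18 reverts with Panic(0x11) before the price math runs.
    function costInEurosReported(
        uint256 _portion, uint8 dec, uint256 assetPriceUsd, uint256 priceEurUsd,
        uint256 _hundredPC, uint256 _collateralRate
    ) external pure returns (uint256) {
        return _portion * 10 ** (18 - dec) * assetPriceUsd / priceEurUsd
            * _hundredPC / _collateralRate;
    }

    // Option 1 (the report's recommendation): reject such tokens up front,
    // for example at the point where a token is added to the accepted list.
    function requireSupportedDecimals(uint8 dec) public pure {
        if (dec > 18) revert UnsupportedDecimals(dec);
    }

    // Option 2: normalise the amount to 18 decimals in either direction.
    function costInEurosScaled(
        uint256 _portion, uint8 dec, uint256 assetPriceUsd, uint256 priceEurUsd,
        uint256 _hundredPC, uint256 _collateralRate
    ) external pure returns (uint256) {
        uint256 value = _portion * assetPriceUsd;
        if (dec <= 18) {
            value = value * 10 ** (18 - dec);
        } else {
            uint8 excess = dec - 18;
            // 10 ** 78 does not fit in uint256; an amount that small scales to zero.
            if (excess > 77) return 0;
            // Scaling down truncates toward zero, so sub-unit dust is dropped.
            value = value / 10 ** excess;
        }
        return value / priceEurUsd * _hundredPC / _collateralRate;
    }
}
```

For `dec <= 18` the scaled form multiplies the same factors as the reported line, so it returns the same value; only the `dec > 18` branch behaves differently.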

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

informational/invalid
