Certain tokens, such as USDC, have blacklisting functionality that allows the USDC protocol to blacklist a user from performing transactions; the blacklisted user's transactions revert.
If the Standard protocol adds such a token in the future, liquidation of vaults for that token will revert, which in turn prevents the vault from being liquidated.
Because a single token transfer reverts when the vault is blacklisted, the whole vault liquidation transaction reverts and the vault cannot be liquidated.
The vulnerability lies in the liquidateERC20 function of the SmartVaultV3 contract: if the vault is blacklisted by a token, the whole transaction reverts, preventing the vault from being liquidated.
Here, the safeTransfer function is used to transfer tokens from the undercollateralized vault to the protocol address. If even a single token blacklists the vault, the whole transaction reverts, which prevents the vault from being liquidated for the other tokens as well.
Consider the case where the undercollateralized vault holds a large amount of LINK but also holds a very small balance of another token that has blacklisted the vault. The revert from the transfer of the blacklisting token also prevents the transfer of LINK, leading to a severe loss for the protocol.
Vault can never be liquidated.
Manual Review
Use a simple transfer instead of safeTransfer so that liquidation does not revert when the vault is blacklisted by a token and can continue liquidating the other tokens.
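A sketch of per-token failure isolation for the liquidation loop described above, added here as an example and not taken from the SmartVaultV3 source; the contract name, `manager`, `protocol`, `tokens` and the event are assumptions. It uses a low-level call, because a revert raised inside the token (as a blacklist check does) also propagates through a high-level `transfer` call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
}

// Hypothetical sketch; names and layout are assumptions, not the protocol's code.
contract VaultLiquidationSketch {
    address public immutable manager;   // assumed: only this address may liquidate
    address public immutable protocol;  // assumed: recipient of seized collateral
    address[] public tokens;            // assumed: accepted ERC20 collateral tokens

    event LiquidationTransferFailed(address indexed token, uint256 amount);

    constructor(address _protocol, address[] memory _tokens) {
        manager = msg.sender;
        protocol = _protocol;
        tokens = _tokens;
    }

    // Attempts a transfer and reports failure instead of reverting.
    function tryTransfer(address token, address to, uint256 amount) internal returns (bool) {
        if (token.code.length == 0) return false; // a call to a non-contract "succeeds"
        (bool ok, bytes memory ret) = token.call(
            abi.encodeWithSelector(IERC20.transfer.selector, to, amount)
        );
        // Accept tokens that return nothing; otherwise require a non-zero return word.
        return ok && (ret.length == 0 || (ret.length >= 32 && abi.decode(ret, (uint256)) != 0));
    }

    function liquidate() external {
        require(msg.sender == manager, "not manager");
        // The undercollateralisation check is outside the scope of this sketch.
        for (uint256 i = 0; i < tokens.length; i++) {
            address token = tokens[i];
            uint256 bal = IERC20(token).balanceOf(address(this));
            if (bal == 0) continue;
            // A token that blocks the vault is skipped and logged; the rest still move.
            if (!tryTransfer(token, protocol, bal)) {
                emit LiquidationTransferFailed(token, bal);
            }
        }
    }
}
```

The `LiquidationTransferFailed` event gives monitoring a signal that collateral was left behind in the vault and needs separate handling.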