CreditDelegationBranch::settleVaultsDebt cannot settle vault debt
Summary
The function CreditDelegationBranch::settleVaultsDebt has issue with debt check. The condition if (ctx.vaultUnsettledRealizedDebtUsdX18.lt(SD59x18_ZERO)) checks if the vault is in debt. However, vaults in debt have ctx.vaultUnsettledRealizedDebtUsdX18 > 0, so this check fails to execute what it's supposed to do
Vulnerability Details
When vaults are in debt, it has more marketsRealizedDebtUsd than deposited USDC. So it is required to swap asset to USDC to settle debt. But according to current implementation, it does the opposite. Inside settleVaultsDebt, it swaps USDC to asset even when debt is positive. Vault's unsettledRealizedDebtUsdX18 is calculated by subtracting depositedUsdc from marketsRealizedDebtUsd. So when debt is positive, there is more usd issued in vault's connected markets than deposited USDC in vault
Impact
Vaults in debt do not settle their debt because the condition is incorrect rather it is increasing debt and in else section it is increasing credit. This will imbalance the vault and the vault will continue to accumulate debt, usd tokens will lose USDC backing if dent is not handled correctly
Recommendations
Change:
To:
Lead Judging Commences
settleVaultDebt functions in opposite direction because of `ctx.vaultUnsettledRealizedDebtUsdX18.lt(SD59x18_ZERO)` having an inversed comparator (should have been gt)
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.