Core Contracts

Summary

The LendingPool.sol contract uses a grace period to allow users to repay their debt after liquidation is initiated. However, if the protocol is paused during this grace period, users lose their opportunity to repay since all functions including liquidation-related ones are blocked by the whenNotPaused modifier. This can lead to unfair liquidations as users are prevented from saving their positions during the pause duration.

Vulnerability Details

The LendingPool.sol contract implements a liquidation system with a grace period where users can repay their debt to avoid liquidation. However, all functions including repay() and closeLiquidation() have the whenNotPaused modifier. If the protocol is paused during a user's grace period and remains paused for a duration that exceeds the remaining grace period, the user loses their chance to repay their debt and save their position.

So a user can be liquidated during this down period.

Impact

High - User is forced into liquidation resulting in loss of funds.

Likelihood

Low - Deemed low because it would require the protocol to be paused for a time period greater than the grace period and a user to be initiated into liquidation before protocol being paused.

Severity

High x Low = Medium

Proof of Concept

1. User position becomes eligible for liquidation

2. Liquidation is initiated with 3-day grace period starting

3. After 1 day, protocol is paused for emergency

4. Pause lasts for 3 days

5. When protocol unpauses, user's grace period has expired

6. User can no longer repay and save their position

7. Position becomes forcefully liquidated

NOTE: proof of code not provided as vulnerability is simple to understand

Recommendations

Few approaches:

1. Add pause duration compensation

2. Create separate emergency pause levels that don't affect liquidation functions