Loss of user funds due to Unfair Liquidation
Summary
NFTs newly deposited by a user who is already being marked for liquidation will still get liquidated although they have no impact on the loan.
Vulnerability Details
When a user is marked for liquidation, they have a grace period within which they can call closeLiquidationto reduce debt and prevent this from happening. However, if the user still deposits** more NFTs as collateral (In an attempt to improve healthFactor) **these newly added NFTs are still liquidated when finalizeLiquidation is called because the process loops through the entire nft array and liquidates everything.It does not check whether some NFTs were added after liquidation was initiated. This leads to unintended and unfair collateral loss, even though the newly added NFTs were never part of the original liquidation decision.
All NFTs deposited from the time initiateLiquidation is called will still get liquidated if the user failed to closeLiquidation within the grace period.
Impact
Users lose NFTs that were never supposed to be liquidated.
Tools Used
Manual Review
Recommendations
Implement a check to stop more NFT deposits when a user has been marked for liquidation.
Lead Judging Commences
Users can deposit NFTs using LendingPool::depositNFT while under liquidation, leading to unfair liquidation of NFTs that weren't part of original position
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.