Core Contracts

Summary

The LendingPool::setParameter function, restricted to trusted owners via the onlyOwner modifier, lacks proper validation checks when updating critical risk parameters such as liquidationThreshold and healthFactorLiquidationThreshold. While owners are trusted actors, accidental misconfiguration of these parameters could result in the protocol becoming under-collateralized, allowing users to borrow more than their provided collateral, potentially leading to liquidity risks or insolvency.

Vulnerability Details

Vulnerability location: LendingPool::setParameter

The lack of such checks can be catastrophic in cases where owners accidentally set the value healthFactorLiquidationThreshold to values below 1e18 while the liquidationThreshold is 100_00 as it will lead to attackers borrowing a lot more than their collateral.

Written PoC

If both liquidationThreshold and healthFactorLiquidationThreshold are improperly set, the protocol could become under-collateralized, allowing users to borrow more than they should, leading to potential insolvency.

Example Scenario:

Current State:

• liquidationThreshold = 85_00 (85%)

• healthFactorLiquidationThreshold = 1.0

• Users need to maintain at least 85% collateral relative to their borrow amount.

Misconfiguration:

• liquidationThreshold = 100_00 (100%)

• healthFactorLiquidationThreshold = 0.8

This effectively allows users to borrow up to the full value of their collateral, and even if the collateral value drops by 20%, they remain safe from liquidation due to the low health factor threshold.

Result:

• A user deposits 100$ worth of collateral and borrows 100$ in stablecoins.

• If the collateral value drops to $85, the user is still above the 0.8 threshold (85/100 = 0.85), avoiding liquidation.

• The protocol now holds only $85 in collateral for $100 borrowed, creating a $15 shortfall

• Multiple such cases would drain the lending pool, potentially causing insolvency.

Impact

• While the function is restricted to owners (trusted actors), accidental misconfigurations could severely impact protocol solvency

• Intentional misuse (though unlikely) could also cause significant financial loss

• Impact Rating: Medium

Tools Used

• Manual review

Recommendations

• Immediate Fix: Implement strict input validation to ensure liquidationThreshold cannot exceed a safe limit (e.g. BASE_LIQUIDATION_THRESHOL=80%) and healthFactorLiquidationThreshold must always remain above 1.