Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: high
Valid

Inaccurate debt accounting enables under-collateralized NFT withdrawals and premature liquidation closure

Summary

Due to a discrepancy in the DebtToken burn process, the user’s scaled debt balance is reduced by an incorrect amount. This miscalculation leads to an artificially low debt value, which adversely affects all functions that rely on user.scaledDebtBalance. In particular, this flaw may allow users to withdraw NFT collateral or close liquidation even when they are undercollateralized.

Vulnerability Details

  1. Inconsistent DebtToken Burn Calculation:
    The DebtToken burn function returns a scaled burn amount (amountBurned) which is then subtracted from the user's scaledDebtBalance. However, the actual tokens burned do not match the intended scaled value because the burn function internally calls:

    _burn(from, amount.toUint128());

    instead of burning the scaled amount. This results in an incorrect reduction of user.scaledDebtBalance.

  2. Collateral Withdrawal Impact:
    In the withdrawNFT function, the user's debt is recalculated as:

    uint256 userDebt = user.scaledDebtBalance.rayMul(reserve.usageIndex);

    Because user.scaledDebtBalance is underestimated due to the burn miscalculation, the computed userDebt is lower than the actual debt. The withdrawal check:

    if (collateralValue - nftValue < userDebt.percentMul(liquidationThreshold)) {
        revert WithdrawalWouldLeaveUserUnderCollateralized();
    }

    may pass erroneously, allowing the user to withdraw an NFT even when the remaining collateral is insufficient to cover the true outstanding debt.

  3. Liquidation Closure Impact:
    In the closeLiquidation function, the protocol checks:

    if (userDebt > DUST_THRESHOLD) revert DebtNotZero();

    Here, userDebt is derived from the misrepresented user.scaledDebtBalance. As a consequence, a user might appear to have a negligible debt (i.e., below the DUST_THRESHOLD) even though their actual debt is higher. This permits the user to close the liquidation state prematurely, escaping the need to fully repay the underlying debt.

Impact

  • Under-Collateralized NFT Withdrawals:
    The artificially low debt balance may allow users to withdraw NFT collateral that should remain locked. This exposes the protocol to significant risk, as the withdrawn NFT may have been essential to cover the true debt. If borrowers default later, the protocol might face losses due to insufficient collateral backing.

  • Premature Liquidation Closure:
    Users under liquidation might be able to clear the liquidation state by exploiting the reduced debt calculation. Exiting liquidation without fully repaying the debt jeopardizes the protocol’s risk management, potentially allowing users to persist with undercollateralized positions and increasing systemic risk.

  • Widespread Protocol Instability:
    Since user.scaledDebtBalance is a core variable for calculating interest accrual, collateral ratios, and triggering liquidations, any inaccuracy can propagate throughout the protocol. This misalignment might lead to cascading financial imbalances, undermining the platform's integrity and trust among its participants.

Tools Used

Manual review

Recommendations

  1. Correct the Burn Function:
    Ensure that the actual tokens burned match the intended scaled value. This may involve adjusting the _burn call to use the scaled amount:

    _burn(from, amountScaled.toUint128());

    so that the returned amountBurned accurately reflects the reduction in the user’s scaled debt.

  2. Revise Debt Update Logic:
    Update the repayment process in _repay to accurately subtract the correct amount from user.scaledDebtBalance, ensuring that all subsequent calculations (e.g., in withdrawNFT and closeLiquidation) rely on accurate debt figures.

  3. Strengthen Collateral and Liquidation Checks:
    Reassess and update the logic in collateral withdrawal and liquidation closure functions to account for potential discrepancies in debt calculation. This includes revalidating the collateral sufficiency and DUST_THRESHOLD conditions.
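
A regression check for Recommendation 1, written as an added JavaScript model rather than the project's Solidity: it reproduces only the unit mismatch described above (what reaches _burn versus the amountBurned subtracted from user.scaledDebtBalance) and tests the invariant that the two ledgers agree after a repay. The helper names, the round-half-up ray math and all sample values are assumptions.

```javascript
// Added model, not the project's Solidity. RAY fixed-point helpers follow the
// common round-half-up convention (assumption; the page only names rayMul).
const RAY = 10n ** 27n;
const rayMul = (a, b) => (a * b + RAY / 2n) / RAY;
const rayDiv = (a, b) => (a * RAY + b / 2n) / b;

// Hypothetical stand-in for DebtToken.burn: `fixed` selects which quantity
// reaches _burn. Returns what was removed from the token ledger and the
// amountBurned value handed back to the pool.
function burn(tokenLedger, from, amount, index, fixed) {
  const amountScaled = rayDiv(amount, index);
  const tokensBurned = fixed ? amountScaled : amount; // _burn(from, ...)
  if (tokensBurned > tokenLedger.get(from)) throw new Error("burn exceeds balance");
  tokenLedger.set(from, tokenLedger.get(from) - tokensBurned);
  return { tokensBurned, amountBurned: amountScaled };
}

// Hypothetical stand-in for the pool's repay path: subtracts the returned
// amountBurned from user.scaledDebtBalance, as the finding describes.
function repayScenario(fixed) {
  const user = "0xUSER"; // constructed placeholder address
  const index = (RAY * 125n) / 100n; // usage index 1.25, constructed
  const tokenLedger = new Map([[user, 1000n]]); // scaled (token) units
  const pool = { scaledDebtBalance: 1000n };
  const { tokensBurned, amountBurned } = burn(tokenLedger, user, 500n, index, fixed);
  pool.scaledDebtBalance -= amountBurned;
  return {
    tokensBurned,
    amountBurned,
    tokenBalance: tokenLedger.get(user),
    scaledDebtBalance: pool.scaledDebtBalance,
    // Debt as withdrawNFT computes it: scaledDebtBalance.rayMul(usageIndex)
    userDebt: rayMul(pool.scaledDebtBalance, index),
    // Invariant a regression test should hold after every repay
    ledgersAgree: tokenLedger.get(user) === pool.scaledDebtBalance,
  };
}

console.log("buggy:", repayScenario(false));
console.log("fixed:", repayScenario(true));
```

In a Hardhat test the same invariant would be checked against the deployed DebtToken balance and the pool's stored user.scaledDebtBalance after each repay.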

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

DebtToken::burn incorrectly burns amount (asset units) instead of amountScaled (token units), breaking token economics and interest-accrual mechanism
