The purpose of closeLiquidation()
is to transfer reserveAsset back to lending pool and claim NFT from pool. But it's not happening in current implementation.
Same as above.
No actual transfer of funds taking place.
This closeLiquidation()
function can be used by attacker to front-run finalizeLiquidation()
, leading to DOS. as it will set former function will set isUnderLiquidation[userAddress] = false;
; which will revert for later function.
Manual
Implement actual fund tranfer functions in closeLiquidation()
functions.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.