Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Invalid

Decimal Precision Mismatch in Health Factor Calculations could affect liquidation decisions.

Summary:

The LendingPool contract contains a critical decimal precision mismatch between getUserDebt (27 decimals - RAY) and calculateHealthFactor (18 decimals - WAD), resulting in severely undervalued health factors and incorrect liquidation triggers.

Vulnerability Details:

The issue exists in LendingPool.sol:

    function getUserDebt(address userAddress) public view returns (uint256) {
        UserData storage user = userData[userAddress];
        return user.scaledDebtBalance.rayMul(reserve.usageIndex); // Returns 27 decimals (RAY)
    }

    function calculateHealthFactor(address userAddress) public view returns (uint256) {
        uint256 collateralValue = getUserCollateralValue(userAddress); // 18 decimals
        uint256 userDebt = getUserDebt(userAddress); // 27 decimals
        uint256 collateralThreshold = collateralValue.percentMul(liquidationThreshold); // 18 decimals
        return (collateralThreshold * 1e18) / userDebt; // Incorrect decimal handling
    }

For example:

Collateral = 100 ETH (100 * 1e18)
Debt = 50 ETH
Actual debt from getUserDebt = 50 * 1e27 (RAY precision)
Health Factor Calculation:
(100e18 * 0.8 * 1e18) / (50e27) = 1.6e-9

Impact:

  1. Health factors are calculated ~1e9 times smaller than they should be, causing all positions to appear extremely unhealthy when they are safe and therefore causing direct financial loss to users through unnecessary liquidations.

Tools Used:

Manual review.

Recommendations:

Update calculateHealthFactor to use proper RAY math.

Updates

Lead Judging Commences

inallhonesty Lead Judge
3 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
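
A unit check a reviewer can run to test a claimed precision mismatch like the one in this submission. It is an added example, not code from the contract, the submission or the judge. It assumes Aave-style half-up rayMul/percentMul definitions, an 18-decimal scaledDebtBalance and an 8000 basis point liquidationThreshold, none of which are shown on the page.

```python
# Added example: integer model of the fixed-point math quoted in the submission.
# Assumptions, not taken from the page: rayMul/percentMul use the common
# Aave-style half-up definitions, scaledDebtBalance is held in 18-decimal
# token units, and liquidationThreshold is 8000 basis points (80%).
WAD = 10**18
RAY = 10**27
PERCENTAGE_FACTOR = 10_000


def ray_mul(a: int, b: int) -> int:
    # (a * b) / RAY rounded half up: the RAY divisor cancels the index scale,
    # so the result keeps the decimals of `a`.
    return (a * b + RAY // 2) // RAY


def percent_mul(value: int, bps: int) -> int:
    return (value * bps + PERCENTAGE_FACTOR // 2) // PERCENTAGE_FACTOR


def implied_decimals(raw: int, whole_units: int) -> int:
    # Decimal places implied when `raw` is known to represent `whole_units`.
    return len(str(raw // whole_units)) - 1


def calculate_health_factor(collateral_value: int, user_debt: int, threshold_bps: int) -> int:
    # Same expression as the quoted calculateHealthFactor.
    collateral_threshold = percent_mul(collateral_value, threshold_bps)
    return (collateral_threshold * WAD) // user_debt


def scenarios() -> dict:
    collateral = 100 * WAD          # constructed: 100 ETH of collateral
    debt = ray_mul(50 * WAD, RAY)   # constructed: 50 ETH scaled debt, index = 1.0
    return {
        "debt_decimals": implied_decimals(debt, 50),
        "hf_debt_18_decimals": calculate_health_factor(collateral, debt, 8000),
        "hf_debt_27_decimals": calculate_health_factor(collateral, 50 * RAY, 8000),
        "debt_after_5pct_index": ray_mul(50 * WAD, 105 * 10**25),
    }


if __name__ == "__main__":
    for name, value in scenarios().items():
        print(f"{name}: {value}")
```

For the page's 100 ETH / 50 ETH position, a health factor near 1.6e18 means the debt reaching calculateHealthFactor is WAD-scaled, while a value near 1.6e9 means it is RAY-scaled; comparing against the deployed contract's actual output settles which case applies.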
