The Lending Pool fails to rebalance liquidity when users repay borrowed reserved assets. The repay functions do not call the _rebalanceLiquidity function, which over time will cause liquidity buffer inflation and capital inefficiency, and create room for possible draining of the liquidity vault with excessive borrows.
Every in-flow and out-flow of the reserve asset tokens is rebalanced to maintain a desired buffer ratio between the buffer and the Curve vault. Observe how this happens in the deposit, withdraw, and borrow functions.
This call is missing in the repay function, where borrowers are expected to return loans. Each time a loan is repaid, liquidity increases, but the excess is not deposited into the vault. Over time, these accumulated assets sit idle instead of being put to earn yield. This vulnerability can introduce further risks, such as:
Interest Rate Manipulation & Farming
Attackers could borrow large amounts, triggering frequent withdrawals from the Curve vault.
Then, they repay their loans, but since repays don’t rebalance liquidity, the funds stay in the idle buffer instead of being redeposited. Over time, this shrinks the vault balance, affecting yield and potentially increasing borrowing rates unnecessarily.
Capital Inefficiency in Yield Strategies
The Curve vault is expected to generate additional returns for the protocol. Failing to rebalance after repayments means that fewer funds are actively earning yield and that protocol revenue from vault deposits is lower than expected.
Inflation of liquidity buffer over time
Capital inefficiency for the Protocol
Possible vault draining with excessive borrow
Manual review.
Call the _rebalanceLiquidity function when repaying borrowed reserved assets.
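A simplified model of the buffer and vault accounting described in this report, added here as an illustration and not the protocol's own code. The names PoolModel and borrow_repay_cycle, the 20% buffer ratio, the target formula (ratio times buffer plus vault) and the amounts are all assumptions.

```python
# Added example: toy model of an idle buffer plus a yield vault.
# Assumptions (not from the protocol): 20% ratio, target formula, amounts.
BPS = 10_000

class PoolModel:
    def __init__(self, buffer_ratio_bps=2_000, rebalance_on_repay=False):
        self.buffer = 0   # idle reserve assets held by the pool
        self.vault = 0    # reserve assets deposited in the vault
        self.ratio_bps = buffer_ratio_bps
        self.rebalance_on_repay = rebalance_on_repay

    def target_buffer(self):
        return (self.buffer + self.vault) * self.ratio_bps // BPS

    def _rebalance(self):
        target = self.target_buffer()
        if self.buffer > target:      # push the excess into the vault
            excess = self.buffer - target
            self.buffer -= excess
            self.vault += excess
        elif self.buffer < target:    # pull the shortage from the vault
            shortage = min(target - self.buffer, self.vault)
            self.buffer += shortage
            self.vault -= shortage

    def deposit(self, amount):
        self.buffer += amount
        self._rebalance()

    def borrow(self, amount):
        if self.buffer < amount:      # top up the buffer from the vault
            needed = amount - self.buffer
            if needed > self.vault:
                raise ValueError("insufficient liquidity")
            self.vault -= needed
            self.buffer += needed
        self.buffer -= amount
        self._rebalance()

    def repay(self, amount):
        self.buffer += amount
        if self.rebalance_on_repay:   # the recommended fix
            self._rebalance()

    def idle_excess(self):
        return max(0, self.buffer - self.target_buffer())

def borrow_repay_cycle(rebalance_on_repay):
    pool = PoolModel(rebalance_on_repay=rebalance_on_repay)
    pool.deposit(1_000)
    pool.borrow(500)
    pool.repay(500)
    return pool.buffer, pool.vault, pool.idle_excess()
```

In this model, one borrow and repay cycle without the rebalance leaves the buffer above its target and the vault below its pre-borrow balance; with the rebalance on repay, the split returns to the target ratio.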