Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

Function Implementation Contradicts Documentation for Debt Repayment During Liquidation

princekay

Description

The closeLiquidation() function's documentation indicates it should allow users to repay their debt, but the implementation does the opposite by reverting when debt exists. This creates a significant discrepancy between the documented behavior and actual code execution.

Affected code

/**
* @notice Allows a user to repay their debt and close the liquidation within the grace period
*/
function closeLiquidation() external nonReentrant whenNotPaused {
address userAddress = msg.sender;
if (!isUnderLiquidation[userAddress]) revert NotUnderLiquidation();
// update state
ReserveLibrary.updateReserveState(reserve, rateData);
if (block.timestamp > liquidationStartTime[userAddress] + liquidationGracePeriod) {
revert GracePeriodExpired();
}
UserData storage user = userData[userAddress];
uint256 userDebt = user.scaledDebtBalance.rayMul(reserve.usageIndex);
// @audit-issue documentation contradicts implementation (if user have debt, the function will revert)
if (userDebt > DUST_THRESHOLD) revert DebtNotZero();
isUnderLiquidation[userAddress] = false;
liquidationStartTime[userAddress] = 0;
emit LiquidationClosed(userAddress);
}

Vulnerability details

The closeLiquidation() function contains a direct contradiction between its documentation and implementation. The @notice comment states the function "Allows a user to repay their debt and close the liquidation within the grace period". However, the actual implementation reverts with DebtNotZero() if the user has any debt above the DUST_THRESHOLD. This means users attempting to follow the documented behavior will experience transaction reverts.

This mismatch creates a confusing user experience where transactions fail despite following the documented function purpose. Users who attempt to close their liquidation while still having debt will face failed transactions and wasted gas fees. The function effectively prevents the very action it claims to enable in its documentation.

Tools Used

Manual Review

Recommended Mitigation Steps

There are two possible approaches to resolve this inconsistency:

  1. Update the documentation to accurately reflect the current implementation:

/**
* @notice Closes an existing liquidation after debt repayment
* @dev Must be called within the grace period and after debt has been repaid
*/
function closeLiquidation() external nonReentrant whenNotPaused {
// ... rest of implementation remains unchanged ...
}

  1. Modify the implementation to match the documented behavior:

function closeLiquidation() external nonReentrant whenNotPaused {
address userAddress = msg.sender;
if (!isUnderLiquidation[userAddress]) revert NotUnderLiquidation();
UserData storage user = userData[userAddress];
uint256 userDebt = user.scaledDebtBalance.rayMul(reserve.usageIndex);
// Allow debt repayment here
_repayDebt(userAddress);
// Verify debt is cleared after repayment attempt
require(user.scaledDebtBalance.rayMul(reserve.usageIndex) <= DUST_THRESHOLD, "Debt not fully repaid");
// Continue with liquidation closure...
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.