The initiateLiquidation() function allows anyone to flag users for liquidation if their health factor drops below 1e18, enabling griefing attacks that lock users in a grace period. This medium-impact, medium-likelihood vulnerability disrupts user access to NFTs and borrowing without direct attacker profit, clogging system operations.
Any caller can trigger initiateLiquidation() when a health factor falls below 1e18. Example:
A user's 5 NFTs (5000 crvUSD) and 4000 crvUSD of debt yield a health factor of 0.95e18.
The attacker calls initiateLiquidation(), locking the user in a 3-day grace period.
The user can't withdraw the 5000 crvUSD in NFTs or borrow further.
Repeated across users, this hampers the protocol's functionality.
Users lose temporary control over assets (e.g., 5000 crvUSD), a medium-impact disruption. The medium likelihood arises from natural price fluctuations triggering low health factors, making griefing feasible and potentially widespread, straining system usability.
Manual Code Review: To confirm lack of access control in initiateLiquidation().
Restrict callers to stakeholders:
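One way to apply this restriction, shown as an added sketch that is not the audited contract's code or the submitter's own patch. Every name except initiateLiquidation() is hypothetical, including the allowlist, the admin role, and the calculateHealthFactor() hook, and "stakeholders" is assumed to mean an admin-approved set of liquidator addresses.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration only. All identifiers other than initiateLiquidation()
// are hypothetical and do not come from the audited code base.
abstract contract RestrictedLiquidation {
    uint256 public constant HEALTH_FACTOR_THRESHOLD = 1e18;

    address public immutable admin;
    mapping(address => bool) public isLiquidator;        // approved stakeholders
    mapping(address => bool) public isUnderLiquidation;  // grace period active
    mapping(address => uint256) public liquidationStartTime;

    error NotAuthorized();
    error HealthFactorTooHigh();
    error AlreadyUnderLiquidation();

    event LiquidatorSet(address indexed account, bool allowed);
    event LiquidationInitiated(address indexed caller, address indexed user);

    constructor() {
        admin = msg.sender;
    }

    modifier onlyLiquidator() {
        if (!isLiquidator[msg.sender]) revert NotAuthorized();
        _;
    }

    function setLiquidator(address account, bool allowed) external {
        if (msg.sender != admin) revert NotAuthorized();
        isLiquidator[account] = allowed;
        emit LiquidatorSet(account, allowed);
    }

    // Assumed hook: returns the user's health factor scaled by 1e18.
    function calculateHealthFactor(address user) public view virtual returns (uint256);

    // Only approved callers can start the grace period, and only once per position.
    function initiateLiquidation(address user) external onlyLiquidator {
        if (isUnderLiquidation[user]) revert AlreadyUnderLiquidation();
        if (calculateHealthFactor(user) >= HEALTH_FACTOR_THRESHOLD) revert HealthFactorTooHigh();
        isUnderLiquidation[user] = true;
        liquidationStartTime[user] = block.timestamp;
        emit LiquidationInitiated(msg.sender, user);
    }
}
```

An allowlist trades griefing resistance for liveness: unhealthy positions are flagged only while an approved caller is active, so the approved set needs monitoring and a way to rotate members.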