Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Valid

Insufficient Liquidation Protection Due to Lack of Health Factor Check

xcrypt

Summary

The closeLiquidation function currently relies on a basic debt check to determine whether a borrower should be removed from liquidation status. However, this approach is insufficient because it does not account for:

  1. Partial Repayments Borrowers may repay just enough to avoid liquidation but still be at risk.

  2. Collateral Value Increase The value of the collateral NFT may increase, improving the borrower's position.

  3. Health Factor Consideration A better metric, such as the health factor, should be used to determine liquidation eligibility.

Without a proper health factor check, borrowers who should be saved from liquidation might still be flagged, and those who manipulate repayments might avoid liquidation unfairly.

Vulnerability Details

Current Implementation of closeLiquidation

function closeLiquidation() external nonReentrant whenNotPaused {
address userAddress = msg.sender;
if (!isUnderLiquidation[userAddress]) revert NotUnderLiquidation();
// Current check is insufficient for liquidation protection
if (block.timestamp > liquidationStartTime[userAddress] + liquidationGracePeriod) {
revert GracePeriodExpired();
}
UserData storage user = userData[userAddress];
uint256 userDebt = user.scaledDebtBalance.rayMul(reserve.usageIndex);
if (userDebt > DUST_THRESHOLD) revert DebtNotZero();
isUnderLiquidation[userAddress] = false;
liquidationStartTime[userAddress] = 0;
emit LiquidationClosed(userAddress);
}

Why This Check is Insufficient

  1. Partial Repayments

    • A borrower may repay just enough to keep their position out of immediate liquidation but still remain undercollateralized.

    • The function currently only checks if the debt is above DUST_THRESHOLD, which is not a reliable liquidation metric.

  2. NFT Collateral Value May Increase

    • The protocol does not reassess the borrower's health based on their NFT collateral value.

    • If the NFT price increases, the borrower's position could improve, meaning they should not be liquidated.

  3. No Health Factor Consideration

    • The contract does not use the standard health factor metric, which considers both the debt and collateral value.

    • A proper check should ensure that the borrower's health factor is above a safe threshold before closing liquidation.

Impact

  • Unfair Liquidations Even if a borrower's collateral value increases, they might still get liquidated due to outdated checks.

  • Loss of Collateral Protection Without health factor validation, liquidation protection mechanisms are weak and unreliable.

Recommendations

Add Health Factor Check to closeLiquidation
Modify closeLiquidation to verify the borrower's health factor before removing them from liquidation.

function closeLiquidation() external nonReentrant whenNotPaused {
address userAddress = msg.sender;
if (!isUnderLiquidation[userAddress]) revert NotUnderLiquidation();
uint256 healthFactor = calculateHealthFactor(userAddress);
// Ensure borrower is solvent before closing liquidation
if (healthFactor < SAFE_THRESHOLD) {
revert LowHealthFactor();
}
isUnderLiquidation[userAddress] = false;
liquidationStartTime[userAddress] = 0;
emit LiquidationClosed(userAddress);
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

LendingPool::finalizeLiquidation() never checks if debt is still unhealthy

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.