Submission Details
Severity:
liquidate nft functionality is not implemented in the stability pool contract.
Summary
liquidate nft functionality is not implemented in the stability pool contract.
Vulnerability Details
Following is liquidate nft function in nft liquidator contract
function liquidateNFT(uint256 tokenId, uint256 debt) external {
if (msg.sender != stabilityPool) revert OnlyStabilityPool();
nftContract.transferFrom(msg.sender, address(this), tokenId);
tokenData[tokenId] = TokenData({
debt: debt,
auctionEndTime: block.timestamp + 3 days,
highestBid: 0,
highestBidder: address(0)
});
indexToken.mint(stabilityPool, debt);
emit NFTLiquidated(tokenId, debt);
emit AuctionStarted(tokenId, debt, tokenData[tokenId].auctionEndTime);
}
It can only be called by the stability pool but currently the stability pool doesn't implement any liquidate nft functionality.
Note that the issue is in stability pool so it is in scope not in nft liquidator.
Impact
Cannot liqudate nft therfore nfts are stuck in stability pool contract.
Tools Used
Recommendations
Implement the nft liquidat functionality in the stability pool.
Updates
Lead Judging Commences
inallhonesty 3 months ago
Submission Judgement Published Assigned finding tags:
Liquidated RAACNFTs are sent to the StabilityPool by LendingPool::finalizeLiquidation where they get stuck
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420 USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.