Missing Solvency Check in repay function
Summary
The repay() function does not check whether the user is still undercollateralized . Or undercollateralized before repay their debt This create a potential issues where users can repay small amounts without resolving their liquidation risk or conversely, when a users fully repaid users remain flagged for liquidation.
Vulnerability Details
The
repay()function does not verify whether a user is undercollateralized before processing a repayment.An undercollateralized users can repay dust amounts without significantly improving their solvency.
This delays liquidators from acting, leading to potential debt accumulation
No automatic exits from under liquidation
(isUnderLiquidation[user] == true) and fully repays their debt, the contract does not automatically updates their liquidation status.This could cause the user to remain flagged for liquidation indefinitely
Scenario: A borrower with a bad debt position could keep making small repayments, preventing full liquidations while keeping their position risky for the protocol
Scenario: A fully repaid borrower remains under liquidation cause the contract does not automatically recheck solvency
Impact
Bad debt accumulation
Delayed liquidation
Locked funds and unfair liquidations
Tools Used
Manual Review
Recommendations
Before accepting repayment, check if the user is under liquidation and whether the repayment improves solvency
Requires that repayments above a threshold actually improve the users health factor before processing them
Prevent user from making uneconomical repayments that don’t meaningfully affect their liquidation status
Lead Judging Commences
LendingPool::finalizeLiquidation() never checks if debt is still unhealthy
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.