Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Modifying of grace period can lead to unfair liquidations

avci

Summary

The LendingPool contract allows the owner to modify the liquidation grace period after a liquidation has been initiated. This can lead to unexpected and unfair liquidations if the owner reduces the grace period, causing it to expire immediately for users who are already under liquidation.

Vulnerability Details

In the LendingPool contract, when a user is put under liquidation, they have a grace period to repay their debt and avoid liquidation. However, the owner has the ability to change this grace period at any time through the setParameter() function:

function setParameter(OwnerParameter param, uint256 newValue) external override onlyOwner {

if (param == OwnerParameter.LiquidationGracePeriod) {

require(newValue >= 1 days && newValue <= 7 days, "Invalid grace period");

liquidationGracePeriod = newValue;

emit LiquidationParametersUpdated(liquidationThreshold, healthFactorLiquidationThreshold, liquidationGracePeriod);

}

// ...other parameters

}

The closeLiquidation() function where the grace period check uses the current liquidationGracePeriod value rather than the value that was in effect when the liquidation was initiated:

function closeLiquidation() external nonReentrant whenNotPaused {

address userAddress = msg.sender;

if (!isUnderLiquidation[userAddress]) revert NotUnderLiquidation();

// update state

ReserveLibrary.updateReserveState(reserve, rateData);

if (block.timestamp > liquidationStartTime[userAddress] + liquidationGracePeriod) {

revert GracePeriodExpired();

}

// ...rest of the function

}

Unfair scenario:

User A gets liquidated with a 3-day grace period
After 2 days, the owner changes the grace period to 1 day
User A's grace period immediately expires even though they should have 1 more day to repay
The liquidation can be finalized immediately, resulting in an unfair liquidation

Impact

Users can unexpectedly lose their grace period due to owner actions

Tools Used

Manual Review

Recommendations

Store the grace period duration with the liquidation data when liquidation is initiated:

// Store current grace period with the liquidation

liquidationGracePeriods[userAddress] = liquidationGracePeriod;

Updates

Lead Judging Commences

inallhonesty Lead Judge 3 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.