`Repay` and `closeLiquidation` should be one operation
Summary
Currently, when a user repays their debt, they must subsequently trigger the closeLiquidation function. However, due to potential blockchain reorganizations (reorgs) or other timing issues, the closeLiquidation function may not be executed on time or may be executed before the repayment transaction. This can lead to unintended liquidations even after the debt has been repaid.
Vulnerability Details
Consider the following scenario:
A user repays their debt in the final seconds of the liquidation grace period.
The user then triggers the
closeLiquidationfunction, but due to a blockchain reorg, this transaction is executed in the next block.By the time the
closeLiquidationtransaction is processed, the grace period has already expired, resulting in the position being liquidated despite the debt having been fully repaid.
Impact
The separation of repayment and closeLiquidation transactions can lead to unfair liquidations of positions even after the debt has been repaid. This undermines user trust and can result in financial losses for users who acted in good faith to repay their debts.
Tools Used
Manual review
Recommendations
To mitigate this issue, the repayment and closeLiquidation operations should be combined into a single atomic transaction. This ensures that both actions are executed together, eliminating the risk of timing issues or reorgs causing unintended liquidations.
Lead Judging Commences
A borrower can LendingPool::repay to avoid liquidation but might not be able to call LendingPool::closeLiquidation successfully due to grace period check, loses both funds and collateral
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.