Root + Impact

Description

• During leveraged position creation, the protocol validates safety by checking that the health factor is greater than 1e18 inside _executeOpenOperation.

  
  

This check assumes the calculated health factor remains valid throughout the entire execution flow. However, opening a leveraged position involves multiple external operations, including flash loans, token swaps via an aggregation router, and Aave supply/borrow interactions.

Because the health factor is validated only once and no safety buffer is enforced, execution-time changes such as swap slippage, oracle updates, or interest accrual may reduce the final health factor below safe levels.

As a result, a position can pass validation but end up very close to — or even below — liquidation threshold immediately after creation.

Risk

Likelihood:

• Swap aggregators introduce unavoidable slippage.

• Market prices may change between calculation and final settlement.

• Lending protocol state (interest/index updates) may slightly alter borrowing power.

These conditions occur regularly in live DeFi environments.

Impact:

• Users may open positions that are instantly liquidatable.

• Unexpected liquidations may occur despite passing protocol checks.

• Protocol safety assumptions become unreliable.

Proof of Concept

Example scenario:

1. User opens a leveraged position.

2. Calculated health factor = 1.02, which passes validation.

3. Swap execution returns fewer tokens due to slippage.

4. Supplied collateral becomes lower than expected.

5. Final health factor drops to 0.99.

6. Position becomes liquidatable immediately after opening.

The protocol does not re-check the health factor after completing all operations.

Recommended Mitigation

Recalculate and validate the health factor after completing all leverage operations.