Root + Impact

Description

• The liquidation logic performs partial liquidation using mismatched math between collateral seized and debt reduced.

• During partial liquidation, the protocol calculates:

• Collateral to seize (including liquidation bonus)

• Debt to burn (liquidated amount)

• However, the relationship between these two values is not strictly enforced to maintain 1:1 economic equivalence at oracle price precision.

Conceptually, correct liquidation requires:

collateral_seized_value_usd

debt_repaid_usd × (1 + liquidation_bonus)

If precision ordering or scaling is incorrect (for example division before multiplication, or incorrect bonus application), integer truncation causes mismatch.

Example vulnerable pattern:

collateral_to_seize = debt_to_cover / price * (1 + bonus)

Instead of:

collateral_to_seize = (debt_to_cover * (1 + bonus)) / price

Integer division before multiplication reduces precision and distorts equivalence.

As a result:

Small liquidations can create rounding asymmetry

Repeated partial liquidations accumulate accounting imbalance

Protocol solvency assumptions degrade over time

Risk

Likelihood: Medium

• Reason 1 Partial liquidation is a core mechanism.

• Reason 2 Precision math in integer systems is highly error-prone.

• Reason 3 Repeated liquidations amplify rounding drift.

Impact: Medium

• Impact 1 Liquidators may extract excess collateral.

• Impact 2 Borrowers may be over-penalized or under-penalized.

• Impact 3 Long-term protocol accounting imbalance.

Proof of Concept

Assume:

Collateral price = 2000 USD

Debt to cover = 1000 USD

Liquidation bonus = 10%

Correct behavior:

Expected behavior:
Debt burned must strictly equal the USD value of collateral seized divided by (1 + bonus).

Actual behavior:
Collateral and debt math may diverge due to precision ordering and rounding.

Root Cause

Incorrect precision ordering in liquidation math.

Division is performed before multiplication or before applying liquidation bonus, causing integer truncation and breaking economic equivalence.

Additionally, no invariant ensures:

Recommended Mitigation

1. Enforce Correct Precision Ordering

Always multiply before division:

Never divide before applying bonus multipliers.

2. Maintain USD-Level Accounting Consistency

Add invariant checks ensuring:

USD(collateral_seized)
≥
USD(debt_repaid) × (1 + bonus)

3.Use Consistent Precision Constants

Ensure all math uses:

1e18 base precision

Oracle decimals normalized

Bonus scaled correctly

4.Add Unit Tests for Edge Rounding Cases

Test:

Small liquidation amounts

Minimum liquidation thresholds

Boundary rounding cases

Repeated partial liquidations

Conclusion

Partial liquidation math currently allows mismatch between debt reduction and collateral seized due to precision ordering errors.

While this may not instantly drain the protocol, repeated liquidations can introduce systemic accounting drift and unfair value extraction.

Correcting precision ordering and enforcing strict economic invariants ensures long-term protocol solvency and fairness.