Algo Ssstablecoinsss

First Flight #30
Beginner FriendlyDeFi
100 EXP
View results
Submission Details
Severity: high
Valid

In the function _revert_if_health_factor_is_broken constatnt variable MIN_HEALTH_FACTOR is only for WETH.

Summary

The _revert_if_health_factor_is_broken function is responsible for ensuring that a user's health factor meets the minimum required standard. There is only implementation for WETH.

Vulnerability Details

In the function, there is only implementation for WETH.

@internal
def _revert_if_health_factor_is_broken(user: address):
user_health_factor: uint256 = self._health_factor(user)
assert (
user_health_factor >= MIN_HEALTH_FACTOR
), "DSCEngine__BreaksHealthFactor"

Value of the MIN_HEALTH_FACTOR=10^18is higher than the Satoshi factor which is 10^8.

As a result, for WBTC, the user_health_factor can be inflated to more than 101010^{10} times its normal value.

Impact

Bigger value of MIN_HEALTH_FACTOR for WBTC allows on bigger value of user_health_factorand wrong value when

function should revert.

Tools Used

manual review

Recommendations

Add MIN_HEALTH_FACTOR also for WBTC.

@internal
def _revert_if_health_factor_is_broken(user: address):
user_health_factor: uint256 = self._health_factor(user)
# Check if the user's token is WBTC and adjust health factor accordingly
if user_health_factor >= (MIN_HEALTH_FACTOR * 10**10):
# If user health factor is higher due to WBTC precision, still ensure it meets the minimum
assert user_health_factor >= MIN_HEALTH_FACTOR, "DSCEngine__BreaksHealthFactor"
else:
assert user_health_factor >= MIN_HEALTH_FACTOR, "DSCEngine__BreaksHealthFactor"
Updates

Lead Judging Commences

bube Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Incorrect MIN_HEALTH_FACTOR for WBTC tokens

The `_calculate_health_factor` function will return result with 8 decimals for WBTC tokens and the check for `MIN_HEALTH_FACTOR` will always revert.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.