0x73696d616f - Liquidations will leave dust when repaying expired maturities, making it impossible to clear bad debt putting the protocol at a risk of insolvency #69
Labels
Medium
A Medium severity issue.
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
0x73696d616f
High
Liquidations will leave dust when repaying expired maturities, making it impossible to clear bad debt putting the protocol at a risk of insolvency
Summary
Market::liquidate()
gets the maximum assets to liquidate fromAuditor::checkLiquidation()
. Then, when repaying maturities, when they have expired, it calculates how much principal of the maturity it has to liquidate to take into account the penalty rate and liquidate at mostmaxRepayAssets
. However, there is rounding in this process that means the actual repay assets will be smaller thanmaxRepayAssets
, which means the liquidatee will have dust collateral. Thus, it will be impossible to clear the bad debt, even if liquidated again later.Root Cause
In
Market::liquidate()
, it calculates the actual repay has:When
debt > maxAssets
, it will round down in the calculation, liquidating less assets than the maximum and leaving the liquidatee with some dust making it impossible to clear the bad debt.Internal pre-conditions
External pre-conditions
None.
Attack Path
clearBadDebt()
will never be called.Impact
When there are expired maturities and the debt is bigger than the collateral
clearBadDebt()
will not be called, not even if liquidated successively.PoC
Place the following test in
Market.t.sol
. Notice how it reverts due toZERO_WITHDRAW
as theactualRepayAssets
is zero.Mitigation
The mentioned rounding error is hard to deal with, it's easier to set some threshold to clear bad debt so rounding errors can be disregarded.
The text was updated successfully, but these errors were encountered: