0xAristos - M-1: Delisted asset can still be borrowed against #488
Labels
Duplicate: A valid issue that is a duplicate of an issue with `Has Duplicates` label
Medium: A Medium severity issue.
Reward: A payout will be made for this issue
Sponsor Disputed: The sponsor disputed this issue's validity
Won't Fix: The sponsor confirmed this issue will not be fixed
0xAristos
Medium
M-1: Delisted asset can still be borrowed against
Summary
Continued Use of Delisted Assets as Collateral
Vulnerability Detail
In the `PositionManager` contract, assets that have been delisted can still be used as collateral by positions that already hold them in their `PositionAssets` array. This creates two problematic scenarios:
Continued Use of Delisted Assets: If an asset is delisted, but the protocol does not remove it from existing positions, those positions can continue to use the delisted asset as collateral. This means users can still borrow against an asset that is no longer supported, which may undermine the protocol's risk management.
Removal of Oracle for Delisted Assets: If an asset is delisted and the protocol subsequently removes the oracle for that asset, positions holding the asset may face immediate liquidation. Without a valid price feed, the asset's value cannot be determined, leading to quick and potentially unfair liquidations. Users may lose their collateral without sufficient notice or opportunity to adjust their positions.
Impact
These scenarios pose significant risks to both the protocol and its users:
For the Protocol: Allowing delisted assets to be used as collateral could expose the protocol to unexpected risks, especially if the asset's value declines or becomes volatile after delisting.
For Users: The removal of the oracle for a delisted asset can result in abrupt liquidations, causing users to lose their collateral unfairly. This undermines user trust and could lead to financial losses, particularly in volatile markets.
Proof of Concept
Consider the following scenarios where a delisted asset continues to be used as collateral:
Scenario 1: An asset is delisted but remains in the `PositionAssets` array of existing positions. Users can still borrow against this asset despite it being delisted, which might not align with the protocol's risk management objectives.
Scenario 2: An asset is delisted, and its oracle is removed. Positions holding this asset are unable to maintain their health due to the lack of a price feed, leading to sudden liquidations:
Code Snippet
https://github.com/sentimentxyz/protocol-v2/blob/04bf15565165396608cc0aedacf05897235518fd/src/PositionManager.sol#L384
Tool used
Manual Review
Recommendation
To address these issues, consider the following actions:
Prevent Borrowing Against Delisted Assets: When an asset is delisted, prohibit its use as collateral in any new borrowing actions. Update the risk management system to exclude delisted assets from the collateral calculation for new loans; i.e., when calculating the health of a position post-action, unsupported assets should not be counted in the total value of the account.
Graceful Handling of Oracle Removal: If an asset's oracle is removed, allow users a grace period to either repay their loans or replace the delisted asset with another supported asset. This can prevent sudden liquidations and give users a fair chance to manage their positions.
Implementing these changes will help protect both the protocol and its users from the risks associated with delisted assets, ensuring fair and transparent operations.
Duplicate of #282
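One way to implement the two recommendations above, as an added example that is not part of the original report and is not protocol-v2 code. Every contract, function and variable name and the 3-day grace period are assumptions. The price is an owner-set stand-in for an oracle, and valuing a delisted asset at its last recorded price during the grace period is a design choice of this sketch.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration with hypothetical names; not the protocol-v2 PositionManager.
// Simplified: no LTV factor, no access control on deposit, debt passed in value units.
contract DelistAwareValuation {
    struct Asset { bool listed; uint64 delistedAt; uint256 lastPriceWad; }

    uint256 public constant GRACE_PERIOD = 3 days; // assumed policy value
    address public immutable owner;
    mapping(address => Asset) public assets; // asset => listing status and last price (1e18 scale)
    mapping(address => address[]) internal positionAssets; // position => assets held
    mapping(address => mapping(address => uint256)) public balance; // position => asset => amount

    constructor() { owner = msg.sender; }

    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }

    function setPrice(address asset, uint256 priceWad) external onlyOwner {
        assets[asset].lastPriceWad = priceWad;
    }
    function setListed(address asset, bool listed) external onlyOwner {
        assets[asset].listed = listed;
        assets[asset].delistedAt = listed ? uint64(0) : uint64(block.timestamp);
    }
    function deposit(address position, address asset, uint256 amount) external {
        require(amount > 0 && assets[asset].listed, "unsupported deposit");
        if (balance[position][asset] == 0) positionAssets[position].push(asset);
        balance[position][asset] += amount;
    }

    // forNewBorrow = true: value used for the health check after a borrow.
    // forNewBorrow = false: value used to decide whether the position is liquidatable.
    function collateralValue(address position, bool forNewBorrow) public view returns (uint256 total) {
        address[] storage held = positionAssets[position];
        for (uint256 i = 0; i < held.length; ++i) {
            Asset storage a = assets[held[i]];
            // Delisted assets never back new debt; they back existing debt only in the grace period.
            if (!a.listed && (forNewBorrow || block.timestamp > a.delistedAt + GRACE_PERIOD)) continue;
            total += (balance[position][held[i]] * a.lastPriceWad) / 1e18;
        }
    }

    function canBorrow(address position, uint256 debtAfterBorrow) external view returns (bool) {
        return collateralValue(position, true) >= debtAfterBorrow;
    }
    function isLiquidatable(address position, uint256 debt) external view returns (bool) {
        return collateralValue(position, false) < debt;
    }
}
```

With a position holding only a delisted asset, `canBorrow` returns false for any non-zero debt immediately after delisting, while `isLiquidatable` keeps counting the asset until `GRACE_PERIOD` has elapsed.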