Cyfrin / 2023-07-foundry-defi-stablecoin

Price Volatility Vulnerability in liquidate Function #1107

Closed codehawks-bot closed 1 year ago

codehawks-bot commented 1 year ago

Price Volatility Vulnerability in liquidate Function

Severity

High Risk

Relevant GitHub Links

https://github.com/Cyfrin/foundry-defi-stablecoin-f23/blob/e37b7a7e481c25c0bb14edfccc0234c1956b6a8b/src/DSCEngine.sol#L197C32-L197C32

Summary

The DSCEngine contract is vulnerable to price volatility, allowing attackers to exploit sudden price spikes and trigger unintended user liquidations.

Vulnerability Details

The DSCEngine contract is susceptible to a vulnerability arising from its failure to account for extreme price volatility of collateral tokens provided by oracle price feeds. This vulnerability can lead to unexpected liquidations of user positions when the collateral value experiences sudden and significant spikes. Attackers monitoring price spikes can exploit this vulnerability to perform flash loan attacks, triggering liquidation attempts on vulnerable users.

Impact

The potential consequences of this vulnerability are significant:

Unintended Liquidations: Users could face liquidation even when their overall positions are fundamentally solvent due to temporary price spikes. This can result in loss of collateral and disruption of user positions.

Arbitrage Exploitation: Attackers can exploit the vulnerability to profit from the discounted acquisition of collateral tokens during the liquidation process, which can lead to arbitrage opportunities once prices stabilize.

User Confidence Erosion: Frequent unexpected liquidations could erode user trust in the platform, leading to decreased adoption and engagement.

Tools Used

Manual Review

Recommendations

hans-cyfrin commented 1 year ago

This is a common problem for all protocols with liquidation functionality. It is the user's responsibility to keep the "loan" in good health. Please note that this kind of submission is not eligible for reward because it's not regarded as a "protocol specific" vulnerability.