search

Cyfrin / 2023-07-foundry-defi-stablecoin

37 stars 32 forks source link

We would not be able to incentivize the liquidators. #857

Open codehawks-bot opened 1 year ago

codehawks-bot commented 1 year ago

We would not be able to incentivize the liquidators.

Severity

Medium Risk

Relevant GitHub Links

https://github.com/Cyfrin/2023-07-foundry-defi-stablecoin/blob/main/src/DSCEngine.sol#L251

Summary - Vulnerability Details

This is the known bug we learned in the tutorial but because it was not mentioned in the know issues due to that I am mentioning it.

The protocol gives a 10% bonus to liquidators when they pay the users' borrowed DSC back to the protocol in order to gain their collateral. It means we are paying them $110 in collateral tokens for $100 DSC tokens.

It means if the collateral tokens value will be less than $110 then the protocol will not be able to incentivize the liquidators.

It is also possible that the contract will have the collective amount for that token to pay the 10% but this will damage the last users who redeem their collateral for that token but the contract will not have that because it pays incentives.

Tools Used

Tutorial

Recommendations

Give the bonus only when the collateral amount is greater than 110%, this way obviously liquidators will not gain any profit for doing liquidation but project owners can save the protocol when the collateral will be less than 110%.

PatrickAlphaC commented 1 year ago

If the protocol ever becomes insolvent, there is almost no way to recover. This is a known issue.

This finding as you have written up was what I meant by this.

An auction would 100% be the route of choice here.

PatrickAlphaC commented 1 year ago

Hmmm... This is more about between 110 - 100% collateralized which I sort of also intended but didn't clarify. I'll leave open.