Open code423n4 opened 2 years ago
If this were the case I think it would be critical, however, we check on every liquidation that the liquidator is not the liquidated account: https://github.com/code-423n4/2021-08-notional/blob/main/contracts/internal/liquidation/LiquidationHelpers.sol#L39
per sponsor comment making this invalid
Handle
cmichel
Vulnerability details
Vulnerability Details
The liquidtation actions do not prevent self-liquidations. See, for example,
LiquidatefCashAction.liquidatefCashLocal
.Impact
When liquidating one-self, in
LiquidatefCash.finalizefCashLiquidation
c.accountContext
is for the same user as theliquidatorContext
. The contexts are updated independently of each other, but they should be updated sequentially. The final liquidatee account context overwrites the previousliquidatorContext
:This could eventually lead to a corrupted account context for self-liquidations.
Recommendation
Check that
msg.sender != liquidateAccount