Potential insolvency risk in dpxETH stablecoin system due to absence of liquidation mechanism

[code423n4]

Lines of code

https://github.com/code-423n4/2023-08-dopex/blob/eb4d4a201b3a75dd4bddc74a34e9c42c71d0d12f/contracts/core/RdpxV2Core.sol#L1016

Vulnerability details

Impact

The dpxETH stablecoin system, as implemented, relies on user deposits as collateral when the stablecoin is minted through bond purchasing. When the bonding process is done, the protocol mints a corresponding amount of Receipt tokens to the user that he can redeem for rdpxV2ReceiptToken.

Notably, the mechanism lacks a clear liquidation process to address possible collateral devaluation, leading to potential insolvency issues.

A significant devaluation of the collateral without a corresponding liquidation process can create a scenario where the minted stablecoins' volume exceeds the actual vault backing. This mismatch can erode trust in the dpxETH stablecoin's credibility and stability, potentially leading to a loss of funds for users.

Proof of Concept

• Function redeemBond: Manages bond redemption without considering potential collateral devaluation.

Tools Used

Manual review.

Recommended Mitigation Steps

Incorporate a incitivized liquidation mechanism or process that adjusts collateral values in real-time, ensuring that the stablecoin always has adequate backing.

Assessed type

Other

[c4-pre-sort]

bytes032 marked the issue as low quality report

[bytes032]

Invalid

[c4-judge]

GalloDaSballo marked the issue as unsatisfactory: Insufficient proof

[GalloDaSballo]

Needs a paper with math to make this argument