The `reserveRatioBips` can be reset to a non zero value once the market was closed.

[c4-submissions]

Lines of code

https://github.com/code-423n4/2023-10-wildcat/blob/c5df665f0bc2ca5df6f06938d66494b11e7bdada/src/WildcatMarketController.sol#L490 https://github.com/code-423n4/2023-10-wildcat/blob/c5df665f0bc2ca5df6f06938d66494b11e7bdada/src/market/WildcatMarket.sol#L142

Vulnerability details

Impact

Once the market is closed the reserveRatioBips is set to zero value.

File: WildcatMarket.sol
142:   function closeMarket() external onlyController nonReentrant {
...
...
146:     state.reserveRatioBips = 0;
...
...

The problem is that there could be a temporaryExcessReserveRatio[market] in progress, returning back the state.reserveRatioBips to a non zero value causing that the liquidityRequired() to be positive because there is a non zero reserve ratio. This behaivour will cause that the borrower can be in deliquency even when the market is closed.

Proof of Concept

Please consider the next scenario:

1. Borrower calls setAnnualInterestBips() and the tmp.reserveRatioBips is 100.
2. Borrower closes the market and reserveRatioBps is zero.
3. After 2 weeks the function resetReserveRatio() returns the value to a non zero (100).

Tools used

Manual review

Recommended Mitigation Steps

Add a restriction in the resetReserveRatio() function that it could not be called when the market is closed.

Assessed type

Access Control

[c4-pre-sort]

minhquanym marked the issue as primary issue

[c4-pre-sort]

minhquanym marked the issue as sufficient quality report

[laurenceday]

If the market is closed, all debt is returned to the market and the borrower is no longer able to access borrow. Doesn't actually matter what the reserve ratio is at that point.

Willing to acknowledge as a QA.

[c4-sponsor]

laurenceday marked the issue as disagree with severity

[c4-sponsor]

laurenceday (sponsor) acknowledged

[c4-judge]

MarioPoneder changed the severity to QA (Quality Assurance)

[c4-judge]

MarioPoneder marked the issue as grade-b