The liquidation function will revert (DoS) if the liquidator chooses to receive a token for which he is blacklisted.
Proof of Concept
The liquidatePartiallyFromTokens() function is used to liquidate a position, and the liquidator can choose the payback and receive tokens while liquidating.
If the liquidator chooses as receiveTokens a token that maintains a blacklist of addresses, and the liquidator is blacklisted for that token, the whole function will revert.
liquidatePartiallyFromTokens() calls _coreLiquidation() from WiseCore.sol, which in turn calls _safeTransfer() to transfer the receive token to the liquidator address.
The _safeTransfer() call will revert for tokens with blacklist functionality, such as USDC, when the recipient is blacklisted.
This could be unintentional on the liquidator's side, but it can lead to DoS of the liquidatePartiallyFromTokens() function and an unfair loss of the liquidator's incentives.
Tools Used
Manual Review
Recommended Mitigation Steps
Put a try / catch around the liquidation function to handle the case where the caller is blacklisted for the receive token.
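The revert described above and the try / catch mitigation, as an added Solidity example that is not code from the Wise Lending repository. BlacklistToken, LiquidationPayout, pendingPayout and claim are hypothetical names, the token is a constructed stand-in for USDC-style blacklisting, and access control is omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed stand-in for a token with a blacklist (USDC-style behaviour).
contract BlacklistToken {
    mapping(address => uint256) public balanceOf;
    mapping(address => bool) public blacklisted;

    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }
    function setBlacklisted(address who, bool flag) external { blacklisted[who] = flag; }

    function transfer(address to, uint256 amount) external returns (bool) {
        // Reverts when either side is blacklisted; this is what breaks a push payout.
        require(!blacklisted[msg.sender] && !blacklisted[to], "blacklisted");
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

// Hypothetical, simplified payout step; it is not WiseCore's _coreLiquidation().
contract LiquidationPayout {
    // token => liquidator => amount still owed after a failed push transfer
    mapping(address => mapping(address => uint256)) public pendingPayout;

    // Push-only payout: a reverting transfer reverts the whole liquidation.
    function payoutPush(BlacklistToken token, address liquidator, uint256 amount) external {
        require(token.transfer(liquidator, amount), "transfer failed");
    }

    // Guarded payout: a failed transfer is recorded instead of bubbling up,
    // so the rest of the liquidation can complete.
    function payoutGuarded(BlacklistToken token, address liquidator, uint256 amount) external {
        try token.transfer(liquidator, amount) returns (bool ok) {
            if (!ok) pendingPayout[address(token)][liquidator] += amount;
        } catch {
            pendingPayout[address(token)][liquidator] += amount;
        }
    }

    // The liquidator later directs the owed amount to an address of his choice.
    function claim(BlacklistToken token, address to) external {
        uint256 amount = pendingPayout[address(token)][msg.sender];
        pendingPayout[address(token)][msg.sender] = 0; // clear before the external call
        require(token.transfer(to, amount), "transfer failed");
    }
}
```

With the liquidator blacklisted on the token, payoutPush reverts while payoutGuarded succeeds and leaves the amount in pendingPayout until it is claimed.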
Lines of code
https://github.com/code-423n4/2024-02-wise-lending/blob/main/contracts/WiseLending.sol#L1250-L1309
https://github.com/code-423n4/2024-02-wise-lending/blob/main/contracts/WiseCore.sol#L681-L685
Assessed type
DoS