code-423n4 / 2024-03-saltyio-mitigation-findings

0 stars 0 forks source link

M-29 MitigationConfirmed #111

Open c4-bot-2 opened 8 months ago

c4-bot-2 commented 8 months ago

Lines of code

Vulnerability details

C4 Issue

https://github.com/code-423n4/2024-01-salty-findings/issues/118

Comments

The issue describes how the protocol's functions to adjust the minimumCollateralRatioPercent and rewardPercentForCallingLiquidation inadvertently compromise its aim to maintain a collateral buffer of at least 105% against market volatility, due to a calculation oversight. The issue arises because the liquidation reward is computed as a percentage of the collateral amount rather than the borrowed amount, leading to situations where, after liquidation rewards are accounted for, the remaining collateral ratio falls below the intended 105% threshold.

Mitigation

https://github.com/othernet-global/salty-io/commit/8e3231d3f444e9851881d642d6dd03021fade5ed

The mitigation for this issue revolved around the deprecation of number of key components including the removal of the overcollateralized USDS stablecoin framework, adding collateral, liquidations etc.

Conclusion

LGTM

c4-judge commented 8 months ago

Picodes marked the issue as satisfactory

c4-judge commented 8 months ago

Picodes marked the issue as confirmed for report