code-423n4 / 2024-03-saltyio-mitigation-findings


M-22 MitigationConfirmed #85

Open c4-bot-1 opened 4 months ago

c4-bot-1 commented 4 months ago

Lines of code

Vulnerability details

Comments

A user is not allowed to borrow any USDS if the value of their collateral in USD is less than minimumCollateralValueForBorrowing. However, this can be bypassed by withdrawing collateral after borrowing a small amount of USDS, due to the lack of a minimumCollateralValueForBorrowing check in CollateralAndLiquidity#withdrawCollateralAndClaim(). If this small position is undercollateralized, it might not be liquidated because there is insufficient incentive, resulting in a loss for the protocol.

Mitigation

Commit 8e3231d

The mitigation removed the whole stablecoin framework: /stablecoin, /price_feed, WBTC/WETH collateral, PriceAggregator, price feeds and USDS. The original issue was resolved since the flawed function and affected modules had been entirely removed.

Conclusion

Confirmed
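The invariant gap described in this report, as an added example: a simplified Python model, not the Salty.io Solidity code. The class, the method names, the 2500 USD minimum and the 200% ratio are assumptions chosen for illustration, and the `enforce_min_on_withdraw` check is one hypothetical way to close the gap, not the project's mitigation (which removed the module).

```python
from dataclasses import dataclass

# Assumed parameters for illustration; not values taken from the report.
MIN_COLLATERAL_VALUE_FOR_BORROWING = 2500  # USD
INITIAL_COLLATERAL_RATIO_PERCENT = 200     # collateral must be >= 200% of debt


class PositionError(Exception):
    pass


@dataclass
class Position:
    collateral_usd: int = 0
    borrowed_usds: int = 0
    enforce_min_on_withdraw: bool = False  # hypothetical hardening switch

    def deposit(self, amount: int) -> None:
        self.collateral_usd += amount

    def max_borrowable(self) -> int:
        # Borrow path: the minimum collateral value is checked here.
        if self.collateral_usd < MIN_COLLATERAL_VALUE_FOR_BORROWING:
            return 0
        cap = self.collateral_usd * 100 // INITIAL_COLLATERAL_RATIO_PERCENT
        return max(cap - self.borrowed_usds, 0)

    def borrow(self, amount: int) -> None:
        if amount > self.max_borrowable():
            raise PositionError("exceeds max borrowable")
        self.borrowed_usds += amount

    def max_withdrawable(self) -> int:
        # Withdraw path: only the ratio is checked unless hardened.
        required = self.borrowed_usds * INITIAL_COLLATERAL_RATIO_PERCENT // 100
        if self.enforce_min_on_withdraw and self.borrowed_usds > 0:
            required = max(required, MIN_COLLATERAL_VALUE_FOR_BORROWING)
        return max(self.collateral_usd - required, 0)

    def withdraw(self, amount: int) -> None:
        if amount > self.max_withdrawable():
            raise PositionError("exceeds max withdrawable")
        self.collateral_usd -= amount


def run_sequence(enforce: bool) -> tuple[int, int]:
    """Deposit, borrow a small amount, then try to withdraw most collateral."""
    p = Position(enforce_min_on_withdraw=enforce)
    p.deposit(2500)
    p.borrow(10)
    try:
        p.withdraw(2480)
    except PositionError:
        pass  # hardened model rejects the withdrawal
    return p.collateral_usd, p.borrowed_usds
```

With the check only on the borrow path the position ends at 20 USD of collateral against 10 USDS of debt, far below the borrowing minimum; with the same check on the withdraw path the collateral stays at 2500 USD while debt is outstanding.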

c4-judge commented 4 months ago

Picodes marked the issue as satisfactory