code-423n4 / 2024-04-dyad-findings


Upgraded Q -> 2 from #615 [1715339973059] #1306

Closed c4-judge closed 4 months ago

c4-judge commented 4 months ago

Judge has assessed an item in Issue #615 as 2 risk. The relevant finding follows:

[01] Flash loan attack may be possible to be used to liquidate users

The price of kerosine is directly linked with the degree of overcollateralization.

It increases when:

- Collateral is deposited in vaults
- DYAD is burned
- dNFT positions are liquidated

And decreases when:

- Collateral is withdrawn / DYAD is redeemed
- DYAD is minted

Let's assume the protocol is running at an average collateral ratio (CR) of 170%. Bob deposits into his vault at a ratio of 160%, a bit above the minimum ratio of 150%. His collateral consists of 60% kerosine and 100% exogenous collateral.

Alice wishes to liquidate Bob. She takes out a flash loan of kerosine and an exogenous collateral, for example, wstETH. She deposits wstETH and kerosine into vaults, with 100% wstETH and 50% kerosine. She then mints as much DYAD as she can, which is equal to 100% of her collateral (all of her wstETH).

As she minted DYAD at a CR of 150%, which is below the average CR of 170%, this decreases the average CR to, let's say, 165%. As the price of kerosine is directly linked to how much overcollateralization there is, the price of kerosine decreases. Bob's 60% kerosine as collateral drops to <50%, allowing him to be liquidated. Alice liquidates Bob, transferring his collateral over into her own dNFT position. She uses this to again mint DYAD using Bob's collateral, and repays the kerosine debt by swapping the minted DYAD to kerosine.

This situation is very specific in terms of the constraints required and is therefore unlikely to occur, but I think it is still a scenario to consider.

Recommended mitigations would be to disallow liquidations in the same block (or same transaction) as a deposit.
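As an added example, not part of the finding above or of DYAD's code: a toy Python model of the sequence described (rest of protocol at ~170%, Bob at 160% with 60% kerosine, Alice flash-loaning wstETH and kerosine and minting 100% of her wstETH value). The kerosine pricing rule is the key assumption, so two candidates are modelled side by side: a price that tracks the average over-collateralisation ratio (TVL / DYAD supply - 1) and a price that tracks the absolute excess (TVL - DYAD supply) spread over the kerosine supply. The `Protocol`, `Position`, `run_scenario` names, the mint and liquidation rules, the 150% threshold applied at mint time, and all numbers are constructed for illustration.

```python
"""Toy model of the flash-loan liquidation path described in the finding.

Added example, not DYAD code. The kerosine pricing rule is an assumption;
two candidate rules are modelled so the scenario can be checked under each.
All positions and amounts are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict

MIN_CR = 1.5  # 150% minimum collateral ratio, as in the finding


@dataclass
class Position:
    exo_value: float = 0.0    # USD value of exogenous collateral (e.g. wstETH)
    kero_amount: float = 0.0  # kerosine tokens deposited
    dyad_minted: float = 0.0  # DYAD debt


@dataclass
class Protocol:
    price_fn: Callable[["Protocol"], float]  # assumed kerosine pricing rule
    kero_supply: float = 1_000_000.0         # denominator for excess-based pricing
    positions: Dict[str, Position] = field(default_factory=dict)

    def tvl(self) -> float:
        # assumption: only exogenous collateral counts towards TVL, not kerosine
        return sum(p.exo_value for p in self.positions.values())

    def dyad_supply(self) -> float:
        return sum(p.dyad_minted for p in self.positions.values())

    def kero_price(self) -> float:
        return self.price_fn(self)

    def cr(self, name: str) -> float:
        p = self.positions[name]
        if p.dyad_minted == 0:
            return float("inf")
        return (p.exo_value + p.kero_amount * self.kero_price()) / p.dyad_minted

    def liquidatable(self, name: str) -> bool:
        return self.cr(name) < MIN_CR

    def deposit(self, name: str, exo_value: float = 0.0, kero_amount: float = 0.0) -> None:
        p = self.positions.setdefault(name, Position())
        p.exo_value += exo_value
        p.kero_amount += kero_amount

    def mint(self, name: str, amount: float) -> None:
        # the CR check uses the kerosine price *after* the mint: the new DYAD is
        # already part of the supply that prices kerosine
        p = self.positions[name]
        p.dyad_minted += amount
        if self.cr(name) < MIN_CR:
            p.dyad_minted -= amount
            raise ValueError(f"{name}: mint would leave CR below {MIN_CR:.0%}")

    def liquidate(self, liquidator: str, target: str) -> None:
        if not self.liquidatable(target):
            raise ValueError(f"{target} is not liquidatable")
        tgt, liq = self.positions[target], self.positions[liquidator]
        # assumption: the liquidator burns DYAD equal to the target's debt and
        # receives all of the target's collateral
        liq.exo_value += tgt.exo_value
        liq.kero_amount += tgt.kero_amount
        tgt.exo_value = tgt.kero_amount = tgt.dyad_minted = 0.0


def price_from_ratio(p: Protocol) -> float:
    """Candidate rule A: price tracks the average over-collateralisation ratio."""
    return max(p.tvl() / p.dyad_supply() - 1.0, 0.0)


def price_from_excess(p: Protocol) -> float:
    """Candidate rule B: price tracks the absolute excess (TVL - supply) per kerosine."""
    return max(p.tvl() - p.dyad_supply(), 0.0) / p.kero_supply


def run_scenario(price_fn: Callable[["Protocol"], float]) -> dict:
    proto = Protocol(price_fn)
    # rest of the protocol: exogenous collateral at ~170% CR
    proto.deposit("rest", exo_value=1_700_700.0)
    proto.mint("rest", 1_000_000.0)
    # Bob: 100% exogenous plus kerosine worth 60% at the pre-attack ratio price
    # of 0.7 (ratio rule: 1,701,700 / 1,001,000 - 1), i.e. a 160% CR
    proto.deposit("bob", exo_value=1_000.0, kero_amount=600.0 / 0.7)
    proto.mint("bob", 1_000.0)
    bob_cr_before = proto.cr("bob")

    # Alice: flash-loaned wstETH and kerosine; mints 100% of her wstETH value
    proto.deposit("alice", exo_value=1_000_000.0, kero_amount=1_500_000.0)
    proto.mint("alice", 1_000_000.0)
    bob_cr_after = proto.cr("bob")
    liquidated = proto.liquidatable("bob")
    if liquidated:
        proto.liquidate("alice", "bob")
    return {
        "bob_cr_before": bob_cr_before,
        "bob_cr_after": bob_cr_after,
        "bob_liquidated": liquidated,
        "alice_exo_after": proto.positions["alice"].exo_value,
    }
```

Under rule A the deposit-and-mint at 150% pulls the average ratio from 1.70 to about 1.35, kerosine loses roughly half its price, Bob's CR falls from 1.60 to about 1.30 and Alice can liquidate him in the same transaction. Under rule B the same action adds the same amount to TVL and to DYAD supply, the excess is unchanged and Bob's CR does not move. Which rule the kerosine vault actually implements, and whether kerosine itself is counted in TVL, is therefore the first thing to check when triaging this finding.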

c4-judge commented 4 months ago

koolexcrypto marked the issue as duplicate of #68

c4-judge commented 4 months ago

koolexcrypto marked the issue as satisfactory

c4-judge commented 4 months ago

koolexcrypto changed the severity to 3 (High Risk)