As stated in the Revert Lend Whitepaper, the liquidation fee for underwater positions is supposed to be 10% of the debt. However, the original code V3Vault. _calculateLiquidation calculates it as 10% of the fullValue:
// all position value
liquidationValue = fullValue;
uint256 penaltyValue = fullValue * (Q32 - MAX_LIQUIDATION_PENALTY_X32) / Q32;
liquidatorCost = penaltyValue;
reserveCost = debt - penaltyValue;
uint256 penalty = debt * MAX_LIQUIDATION_PENALTY_X32 / Q32;
// if value is enough to pay penalty
if (fullValue > penalty) {
liquidatorCost = fullValue - penalty;
} else {
// this extreme case leads to free liquidation
liquidatorCost = 0;
}
liquidationValue = fullValue;
reserveCost = debt - liquidatorCost; // Remaining to pay is taken from reserves
In case fullValue > penalty, then liquidatorCost = fullValue - penalty, liquidationValue = fullValue, so the liquidation premium earned by liquidator is liquidationValue - liquidatorCost = penalty = 0.1 debt.
The mitigation solved the original issue.
Lines of code
Vulnerability details
C4 issue
M-24: Incorrect liquidation fee calculation during underwater liquidation, disincentivizing liquidators to participate
Comment
As stated in the Revert Lend Whitepaper, the liquidation fee for underwater positions is supposed to be 10% of the debt. However, the original code
V3Vault. _calculateLiquidation
calculates it as 10% of the fullValue:MAX_LIQUIDATION_PENALTY_X32 = 10% * Q32
Mitigation
PR #7 The mitigation code is as follows:
In case
fullValue > penalty
, thenliquidatorCost = fullValue - penalty
,liquidationValue = fullValue
, so the liquidation premium earned by liquidator isliquidationValue - liquidatorCost = penalty = 0.1 debt
. The mitigation solved the original issue.Conclusion
LGTM