The _checkLoanIsHealthy function inside V3Vault is used to assess a user’s given position and determine the health factor of the loan ( e.g if the the loan is overcollateralized enough).
Problem was that no buffer was implemented that would prevent users from borrowing at the borderline of loan to value ratio - e.g if debt could be no more than 80% of the collateral value, users were able to borrow all of those 80%. This is problematic, because such loans could become insolvent very fast with even the tiniest price swings.
Mitigation
PR-17 successfully mitigates the original issue by introducing a BORROW_SAFETY_BUFFER that creates a 5% gap so that loans will remain stable even if small debt or price changes happen
The 5% gap is used in the borrow() & decreaseLiquidityAndCollect() functions to safeguard against creating unstable loans.
Here is the change in the loan health calculations:
Lines of code
Vulnerability details
C4 Issue
M-11: Lack of safety buffer in _checkLoanIsHealthy could subject users who take out the max loan into a forced liquidation
Issue Details
The
_checkLoanIsHealthy
function insideV3Vault
is used to assess a user’s given position and determine the health factor of the loan ( e.g if the the loan is overcollateralized enough).Problem was that no buffer was implemented that would prevent users from borrowing at the borderline of loan to value ratio - e.g if debt could be no more than 80% of the collateral value, users were able to borrow all of those 80%. This is problematic, because such loans could become insolvent very fast with even the tiniest price swings.
Mitigation
PR-17 successfully mitigates the original issue by introducing a
BORROW_SAFETY_BUFFER
that creates a 5% gap so that loans will remain stable even if small debt or price changes happenThe 5% gap is used in the
borrow()
&decreaseLiquidityAndCollect()
functions to safeguard against creating unstable loans.Here is the change in the loan health calculations:
Conclusion
Mitigation Confirmed