c4-judge
commented
2 months ago jhsagd76 marked the issue as satisfactory
Open c4-bot-10 opened 3 months ago
c4-judge
commented
2 months ago jhsagd76 marked the issue as satisfactory
c4-judge
commented
2 months ago jhsagd76 marked the issue as confirmed for report
Lines of code
Vulnerability details
C4 Issue
M-20: Tokens can't be removed as a collateral without breaking liquidations and other core functions
Issue Details
The issue was that disabling collateral tokens inside
V3Vault.solhad the unintended side effect of makingV3Vault.liquidate()revert, DOSing liquidations for unhealthy positions that are collateralized with the disabled tokenMitigation
PR-25 mitigates the issue of liquidations getting broken, by introducing a check if
collateralValueis 0. However there is another serious problem stemming from the root cause of this issue that is not mitigated with the changes in the PR.Conclusion
The PR implements a fix that prevents liquidation from getting blocked as described in the original issue, that's why I'm marking this as mitigated.
However there is another serious issue stemming from the same root cause as this one, which I've submitted separately. The submission is titled:
Healthy position owners can be liquidated immediately once a token is disabled