code-423n4 / 2024-05-gondi-mitigation-findings


M-14 MitigationConfirmed #79

Open c4-bot-9 opened 3 months ago

c4-bot-9 commented 3 months ago

Lines of code

Vulnerability details

Issue

The Pool assumes loanLiquidation() will always receive only the principal amount back without any interest. It could cause the performance fee to be missed.

Mitigation

Added logic to ensure the performance is charged in case the loan is liquidated.

-       uint256 fees = IFeeManager(getFeeManager).processFees(_received, 0);
+       uint256 fees;
+       if (_received > _principalAmount) {
+           fees = IFeeManager(getFeeManager).processFees(_principalAmount, _received - _principalAmount);
+       }else {
+           fees = IFeeManager(getFeeManager).processFees(_received, 0);
+       }
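
Review bot: The two branches of the new if/else both call `processFees` and differ only in how `_received` is split, so the split can be computed once and the call made once: take the principal part as the smaller of `_received` and `_principalAmount`, the remainder as the second argument, and pass both to a single `processFees` call. That removes the duplicated external call and makes the `_received == _principalAmount` boundary visibly produce a zero second argument. The hunk also carries no comment saying that everything received above `_principalAmount` is treated as interest for fee purposes; a one-line comment above the `if` would record that assumption. Tests should cover `_received` below, equal to and above `_principalAmount`. Minor style: `}else {` is missing a space before `else`.
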
c4-judge commented 3 months ago

alex-ppg marked the issue as satisfactory