CreditBuyers can bring down the CollateralRatio of CreditSellers by generating new loans instead of buying credit from an existing position the CreditSellers put on sale.

[c4-bot-6]

Lines of code

https://github.com/code-423n4/2024-06-size/blob/main/src/libraries/actions/BuyCreditMarket.sol#L51-L197

Vulnerability details

Impact

CreditSeller's CollateralRatio can be brought down by CreditBuyers, which, depending on the market's activity, could help to deteriorate the CR faster and have CreditSellers liquidated.

Proof of Concept

When CreditSellers wants to SellCredit via a LimitOrder, they post the YieldCurve specifying the APR and Tenors they'd like to SellCredit at. Then, a CreditBuyer can request a BuyCredit MarketOrder to lend/sell Credit to a BorrowOffer from the Borrow OrderBook. When buying credit with a market order, the CreditBuyer can specify if he would like to buy the credit from an existing CreditPosition, or if he would like to buy the credit from a new CreditPosition, a.k.a borrowing to a lender.

The CreditSellers can specify if their positions are for sale, or only certain positions could be sold, but, CreditSellers can't specify if they would like to sell credit via a new CreditPosition (borrowing).

• This poses a risk because CreditSellers who have active borrows (DebtPositions) most likely have a healthy CollateralRatio to avoid getting liquidated. But, if a CreditSeller places a SellCredit LimitOrder to sell credit from one of his existing CreditPositions, a CreditBuyer can buy the Credit by creating a new Debt/Credit Position, a.k.a lending to the credit seller. This will bring down the collateral ratio of the CreditSeller, which poses a risk of getting liquidated.

Tools Used

Manual Audit

Recommended Mitigation Steps

Similar to how CreditSellers can control which of their CreditPositions are for sale, allow CreditSellers to have the ability to specify if they'd like to Sell Credit by lending or by selling credit from an existing CreditPosition.

Assessed type

Context

[stalinMacias]

@hansfriese Could you take a look at this report? Looks like it was rejected because of insufficient proof, but, this issue is pretty self explanatory. It is worth considering it because the CreditBuyer's CollateralRatio can be manipulated and pose a risk of their positions getting liquidated.

As mentioned in the report, a CreditSeller who has active borrows needs to have a healthy CollateralRatio. Suppose a User who has 1 Borrow of 150 USD, and a Collateral worth 300 USD, its CR is 200%. This User also owns some CreditPositions and wants to sell 1 of them.

• To do it, the User posts a SellCredit LimitOrder, which means, the User will have assigned a BorrowOffer (YieldCurve and Tenor).

So, now, a CreditBuyer comes, and, instead of buying the CreditPosition that the User posted to be sold, the CreditBuyer passes params.creditPositionId == RESERVED_ID, which, it will create a new loan for the User who was intending to sell an existing CreditPosition.

• As a result, the User's CollateralRatio will decrease because of the new loan, because, now, the user has a new DebtPosition because the CreditBuyer issued a new loan to the user, instead of buying the existing CreditPosition that was put for sale.

Please do let me know if is required to explain in detail something about this report.

[hansfriese]

I agree it is a good recommendation and should addressed in future development. However, I believe the impact is low because the borrower can prevent a new debt by setting a high custom opening limit CR. As long as the user has a borrow offer and available collateral, he would be considered to accept any type of debt.