hats-finance / Tapioca--Lending-Engine--0x5bee198f5b060eecd86b299fdbea6b0c07c728dd


`BBBorrow.repay` and `BBCollateral.addCollateral` lack of `solvent(from)` check #11

Open hats-bug-reporter[bot] opened 5 months ago

hats-bug-reporter[bot] commented 5 months ago

GitHub username: --

Twitter username: --

Submission hash (on-chain): 0x1c9c605d8c42db67f6ad917f009d6bbe6ce60d23c4c83cf37d218a55b6a32ce3

Severity: high

Description:

I will take `BBBorrow.repay` as an example. `BBBorrow.repay` can be used to pay debt. During the function, assets will be withdrawn from the `from` account to repay the debt owned by `to` in `BBLendingCommon._repay`. The issue is that the function doesn't use `solvent` after the function call.

The same issue exists in `BBCollateral.addCollateral`.

And also in `Origins.repay` and `Origins.addCollateral`.

And also in `SGLBorrow.repay` and `SGLCollateral.addCollateral`.

Attack Scenario:

Please consider the case that Alice, the malicious user, owns two accounts. Both of the accounts have borrowed some tokens, and because of `solvent` in `BBBorrow.borrow`, both of the accounts are solvent. Then Alice can call `BBBorrow.repay` by using account1 as `from` and account2 as `to`. In such a case, account1 will be insolvent.

By abusing the above process, Alice can arbitrage.

cryptotechmaker commented 5 months ago

`repay` and `addCollateral` don't need a solvency check since it's making a position healthier.
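The disagreement in this thread comes down to whether `repay(from, to, ...)` can lower any account's health. The following is an added example, not code from the Tapioca repository or from either commenter, that models it as an invariant check. It assumes solvency is computed only from an account's posted collateral and debt, and that repayment is funded from a separate free balance of `from`; `Position`, `health`, `MAX_LTV` and the sample figures are hypothetical.

```python
from dataclasses import dataclass
from fractions import Fraction

# Constructed parameter: debt may reach 75% of collateral value.
MAX_LTV = Fraction(3, 4)

@dataclass
class Position:
    collateral: int   # posted collateral, valued in asset units
    debt: int         # outstanding borrow
    wallet: int       # free asset balance, not part of the position

def health(p: Position) -> Fraction:
    """Headroom before insolvency; negative means insolvent."""
    return p.collateral * MAX_LTV - p.debt

def solvent(p: Position) -> bool:
    return health(p) >= 0

def repay(book: dict, from_: str, to: str, amount: int) -> int:
    """Pay down `to`'s debt with assets pulled from `from_`'s wallet."""
    payer, debtor = book[from_], book[to]
    amount = min(amount, debtor.debt)      # never repay more than is owed
    if payer.wallet < amount:
        raise ValueError("payer lacks free assets")
    payer.wallet -= amount                 # assumption: only the wallet is debited
    debtor.debt -= amount
    return amount

def check_repay_invariant(book: dict, from_: str, to: str, amount: int) -> dict:
    """Run repay and report each account's health change (after - before)."""
    before = {k: health(p) for k, p in book.items()}
    repay(book, from_, to, amount)
    delta = {k: health(p) - before[k] for k, p in book.items()}
    assert all(d >= 0 for d in delta.values()), "repay lowered an account's health"
    return delta

def sample_book() -> dict:
    # Constructed scenario from the report: two borrowers, both solvent.
    return {
        "account1": Position(collateral=1000, debt=700, wallet=200),
        "account2": Position(collateral=1000, debt=740, wallet=0),
    }
```

Under these assumptions the health of `from` is unchanged by the call. If the real `_repay` debited anything that feeds the solvency calculation of `from`, the same assertion would fail, so this is the property to confirm against the contract code.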