search

hats-finance / Tapioca--Lending-Engine--0x5bee198f5b060eecd86b299fdbea6b0c07c728dd

Other
0 stars 0 forks source link

BuyCollateral is opening more debt but not accruing Penrose Markets #2

Open hats-bug-reporter[bot] opened 1 month ago

hats-bug-reporter[bot] commented 1 month ago

Github username: @GalloDaSballo Twitter username: GalloDaSballo Submission hash (on-chain): 0x1c5ec0e3fd15caeba17388c43eb0c1e75b5a24b447664e71f559006eed1fe81c Severity: medium

Description:

Impact

BBLiquidation was changed to accrue all markets (as it will change eth market debt)

https://github.com/hats-finance/Tapioca--Lending-Engine--0x5bee198f5b060eecd86b299fdbea6b0c07c728dd/blob/588874fe78db2149d577ae87957ef78265ef2afc/contracts/markets/bigBang/BBLiquidation.sol#L119-L136

    function liquidate(
        address[] calldata users,
        uint256[] calldata maxBorrowParts,
        uint256[] calldata minLiquidationBonuses,
        IMarketLiquidatorReceiver[] calldata liquidatorReceivers,
        bytes[] calldata liquidatorReceiverDatas
    ) external optionNotPaused(PauseType.Liquidation) {
        if (users.length == 0) revert NothingToLiquidate();
        if (users.length != maxBorrowParts.length) revert LengthMismatch();
        if (users.length != liquidatorReceivers.length) revert LengthMismatch();
        if (liquidatorReceiverDatas.length != liquidatorReceivers.length) {
            revert LengthMismatch();
        }

        _updateOracleRateForLiquidations();

        _accrue();
        penrose.reAccrueBigBangMarkets();

This should apply to BBLeverage as otherwise interest rates will be computed with a possibly incorrect total debt

https://github.com/hats-finance/Tapioca--Lending-Engine--0x5bee198f5b060eecd86b299fdbea6b0c07c728dd/blob/588874fe78db2149d577ae87957ef78265ef2afc/contracts/markets/bigBang/BBLeverage.sol#L53-L63

    function buyCollateral(address from, uint256 borrowAmount, uint256 supplyAmount, bytes calldata data)
        external
        optionNotPaused(PauseType.LeverageBuy)
        solvent(from, false)
        notSelf(from)
        returns (uint256 amountOut)
    {
        if (address(leverageExecutor) == address(0)) {
            revert LeverageExecutorNotValid();
        }
         /// @audit needs to accrue markets since it will cause changes

Mitigation

Change buyCollateral to call penrose.reAccrueBigBangMarkets();

    function buyCollateral(address from, uint256 borrowAmount, uint256 supplyAmount, bytes calldata data)
        external
        optionNotPaused(PauseType.LeverageBuy)
        solvent(from, false)
        notSelf(from)
        returns (uint256 amountOut)
    {
        if (address(leverageExecutor) == address(0)) {
            revert LeverageExecutorNotValid();
        }
         penrose.reAccrueBigBangMarkets();
GalloDaSballo commented 1 month ago

This should be closed as the hats repo is on the wrong commit