hats-finance / Wise-Lending-0xa2ca45d6e249641e595d50d1d9c69c9e3cd22573


H-0 Vulnerability in Premature Liquidation Mechanics #55

Open olaoyesalem opened 6 months ago

olaoyesalem commented 6 months ago

The liquidation of open positions at PendlePowerFarms can occur through the liquidatePartiallyFromToken function. This function ensures that the position's debt is either equal to or higher than the position's lending amount. Each open position is associated with an NFT ID in the lendingwise contract owned by PendlePowerFarms. However, a user has the capability to liquidate the underlying NFT position at lendingwise before the borrow value reaches the lend value. This bypasses the check in liquidatePartiallyFromToken, allowing for the premature liquidation of the position. Consequently, this premature liquidation can result in the closure of the position earlier, sometimes at a time that is not favorable for the position owner, potentially before a losing position becomes profitable.

Attack Scenario

User A opens a position worth 1000 ETH with a leverage of 2. Over time, the price of the underlying lending asset decreases by 5%. User A decides not to close the position and waits for it to become profitable. A malicious user liquidates User A at lending wise. After the liquidation, the borrow amount becomes 0.5 times the value of the lending amount. Initially, the opening position was worth 1000 ETH, and the lending amount was 2000 ETH, so User A is not immediately liquidatable (far from liquidation). User A intends to wait for the position to become profitable. User B pays back 1000 ETH, which covers User A's share of the position, earning 1000 ETH in value of the lending amount. This action removes the leverage from the position, leaving only the initial lending amount. User A incurs losses because they were liquidated earlier, losing 2 times the initial value due to leverage. If the price were to increase, User A wouldn't have had the benefit of 2 times leverage. This scenario can also occur in reverse, forcing User A to close their position despite wanting it to remain open in a profitable scenario before reaching their target price.

give me a recommendation for this

vonMangoldt commented 6 months ago

https://github.com/hats-finance/Wise-Lending-0xa2ca45d6e249641e595d50d1d9c69c9e3cd22573/issues/13

See here, shouldn't be possible. Provide a PoC or test if you want to continue the discussion.

vm06007 commented 6 months ago

@olaoyesalem did you miss the same thing as the guy in #13?

olaoyesalem commented 6 months ago

> @olaoyesalem did you miss the same thing as the guy in #13?

I guess that's a duplicate issue.

vonMangoldt commented 6 months ago

> > @olaoyesalem did you miss the same thing as the guy in #13?
>
> I guess that's a duplicate issue.

There is no issue yet. No tests provided, no PoC, and probably wrong assumptions so far. Happy to be proven wrong, but so far invalid.

olaoyesalem commented 6 months ago

> > > @olaoyesalem did you miss the same thing as the guy in #13?
> >
> > I guess that's a duplicate issue.
>
> There is no issue yet. No tests provided, no PoC, and probably wrong assumptions so far. Happy to be proven wrong, but so far invalid.

I have an additional finding. Check it out.

vm06007 commented 6 months ago

> I have an additional finding. Check it out.

I've checked it out and it is also invalidated.