Users with claimable funds may lose them if they liquidate their own loan
Summary
Issue found at: Vault.vy#liquidate(), Vault.vy#withdraw_underlying_to_claim() and Vault.vy#_claimable_for_token().
Vulnerability Detail
If users were to leave claimable funds within the Vault and call liquidate() without first claiming such funds, they won't be able to claim them afterwards: Vault.vy#_claimable_for_token() will return 0 as the position for such token id has been liquidated.
Impact
Permament loss of rewards, as no logic for rescueing the stray funds is implemented.
Consider pushing claimable funds to a token_owner within the liquidate() function so as to not leave them in the contract, or fuse togethre withdrawal and claim flows
0xlmanini
high
Users with claimable funds may lose them if they liquidate their own loan
Summary
Issue found at: Vault.vy#liquidate(), Vault.vy#withdraw_underlying_to_claim() and Vault.vy#_claimable_for_token().
Vulnerability Detail
If users were to leave claimable funds within the Vault and call liquidate() without first claiming such funds, they won't be able to claim them afterwards: Vault.vy#_claimable_for_token() will return 0 as the position for such token id has been liquidated.
Impact
Permament loss of rewards, as no logic for rescueing the stray funds is implemented.
Code Snippet
withdraw_underlying_to_claim() liquidate() _claimable_for_token()
Tool used
Manual Review
Recommendation
Consider pushing claimable funds to a token_owner within the liquidate() function so as to not leave them in the contract, or fuse togethre withdrawal and claim flows
Duplicate of #123