search

sherlock-audit / 2023-02-kairos-judging

2 stars 0 forks source link

csanuragjain - Liquidation occur at incorrect time #144

Closed sherlock-admin closed 1 year ago

sherlock-admin commented 1 year ago

csanuragjain

medium

Liquidation occur at incorrect time

Summary

Asset becomes liquidable at incorrect time. As per Storage.sol#L42 -

"@param endDate timestamp after which sale starts & repay is impossible"

But it seems that asset becomes liquidable even at endDate which is incorrect and would lead user to lose collateral

Vulnerability Detail

  1. Lets say User A has a loan whose endDate is X
  2. User plan to repay his loan at timestamp X
  3. But Attacker can liquidate user at endDate because as per contract loan becomes liquidable at endDate which is incorrect as per docs
function checkLoanStatus(uint256 loanId) internal view {
        Loan storage loan = protocolStorage().loan[loanId];

        if (block.timestamp < loan.endDate) {
            revert CollateralIsNotLiquidableYet(loan.endDate, loanId);
        }
...
}

Impact

User assets become liquidable at unexpected time which may cause user to lose his collateral

Code Snippet

https://github.com/sherlock-audit/2023-02-kairos/blob/main/kairos-contracts/src/AuctionFacet.sol#L80

Tool used

Manual Review

Recommendation

Revise the condition like below:

function checkLoanStatus(uint256 loanId) internal view {
        Loan storage loan = protocolStorage().loan[loanId];

        if (block.timestamp <= loan.endDate) {
            revert CollateralIsNotLiquidableYet(loan.endDate, loanId);
        }
...
}
npasquie commented 1 year ago

Although the wording indeed seems imprecise on which precise second an asset becomes liquidable, due to blockchains nature I don't consider that a borrower would plan (or even can) to repay its loan at an exact timestamp

npasquie commented 1 year ago

50 reports the same thing