0xMoaz
commented
1 year ago This is part of the protocol design and it's the borrowers' responsibility to use pools with reasonable fall duration.
Closed github-actions[bot] closed 1 year ago
0xMoaz
commented
1 year ago This is part of the protocol design and it's the borrowers' responsibility to use pools with reasonable fall duration.
banditx0x
high
Users can be Unfairly Liquidated When _collateralRatioFallDuration Is Low
Summary
Surge pools with a high _collateralRatioFallDuration gradually update their price to reflect changes in the ratio between collateral and borrows in the underlying pool. However, if _collateralRatioFallDuration is low, then the collateral ratio can be quickly and easily manipulated to unfairly liquidate users.
Vulnerability Detail
Lets say a user borrows from the Pool and isn't liquidatable.
An attacker can manipulate _lastCollateralRatioMantissa, by depositing a large amount of collateral and borrowing a large ratio of that collateral. This will push the collateral Ratio for all loans lower, which will push the innocent user's position into the liquidation threshold.
Impact
Users can lose funds from being unfairly liquidated when _collateralRatioFallDuration is low.
Code Snippet
https://github.com/sherlock-audit/2023-02-surge/blob/main/surge-protocol-v1/src/Pool.sol#L570
https://github.com/sherlock-audit/2023-02-surge/blob/main/surge-protocol-v1/src/Pool.sol#L252
Tool used
Manual Review
Recommendation
Set a lower bound for _collateralRatioFallDuration