for exterme leverage positions can't be liquidated
Summary
for huge token positions with an asset that supports high total supply, liquidation won't be able to be possible.
Vulnerability Detail
An attacker can make a big position more than type(int256).max since maintenanceMargin is uint we can increase with leverage to 3billion and then when it gets safe casted it will revert because it only accepts a type of int256 and not uint
simon135
medium
for exterme leverage positions can't be liquidated
Summary
for huge token positions with an asset that supports high total supply, liquidation won't be able to be possible.
Vulnerability Detail
An attacker can make a big position more than
type(int256).max
sincemaintenanceMargin
is uint we can increase with leverage to3billion
and then when it gets safe casted it will revert because it only accepts a type ofint256
and notuint
Impact
position cant get liquidated
https://github.com/sherlock-audit/2023-04-jojo/blob/6090fef68932b5577abf6b5aa26eb1e579353c57/smart-contract-EVM/contracts/lib/Liquidation.sol#L124
Code Snippet
Tool used
Manual Review
Recommendation
make it uint or have a way for an admin to decrease the pos