search

sherlock-audit / 2023-04-jojo-judging

7 stars 4 forks source link

m9800 - M-3: Liquidation in case of delisted collateral #430

Closed sherlock-admin closed 1 year ago

sherlock-admin commented 1 year ago

m9800

medium

M-3: Liquidation in case of delisted collateral

Summary

Vulnerability Detail

When collateral is delisted, its value is treated as zero (differing from the market price) when the protocol assesses the account's safety. As a result, certain accounts may become undercollateralized when their collateral is delisted and may be subject to liquidation. The protocol uses 2 different functions to check if an account is safe depending if the transaction is a withdrawal or a liquidation:

-_isAccountSafe() for withdrawals using initialMortgageRate -_isStartLiquidation() for liquidations using liquidationMortgageRate

This will cause losses to the liquidated user as collateral is liquidated at a discount price. In the event of under-collateralization, users with delisted collateral deposits are not permitted to withdraw them but the protocol considers them worthless.

Impact

Delisting collateral can cause losses to certain accounts

Code Snippet

https://github.com/JOJOexchange/JUSDV1/blob/c04572261828c0feb30d6739e595ca02e0122873/src/Impl/JUSDBank.sol#L143 https://github.com/JOJOexchange/JUSDV1/blob/c04572261828c0feb30d6739e595ca02e0122873/src/Impl/JUSDBank.sol#L138 https://github.com/JOJOexchange/JUSDV1/blob/c04572261828c0feb30d6739e595ca02e0122873/src/Impl/JUSDView.sol#L123 https://github.com/JOJOexchange/JUSDV1/blob/c04572261828c0feb30d6739e595ca02e0122873/src/Impl/JUSDView.sol#L182

    function withdraw(
        address collateral,
        uint256 amount,
        address to,
        bool isInternal
    ) external override nonReentrant nonFlashLoanReentrant{

        // 

        require(
            _isAccountSafe(user, tRate),
            JUSDErrors.AFTER_WITHDRAW_ACCOUNT_IS_NOT_SAFE
        );
    }

function _calculateLiquidateAmount(
        address liquidated,
        address collateral,
        uint256 amount
    ) internal view returns (DataTypes.LiquidateData memory liquidateData) {
         //
        //
        require(
            _isStartLiquidation(liquidatedInfo, tRate), 
            JUSDErrors.ACCOUNT_IS_SAFE
        );

Tool used

Manual Review

Recommendation

When a delisting occurs, users who find themselves in a position at risk of liquidation should be given a specific amount of time to withdraw their assets, sell them on the market, and deposit the necessary amount to keep their account secure. It's not correct to prevent users to withdraw their assets when the protocol treats them as worthless.

Duplicate of #292

m9800 commented 1 year ago

Escalate for 10 USDC The comment from the sponsor in #292 states that delisted collateral should not be used. The problem arises when users, who have entered the system with collateral approved by the protocol, find themselves at risk of a liquidation position solely because the collateral has been delisted. These users are not acting maliciously and are suddenly subjected to an unfair decision. Their delisted collateral is treated as having a value of 0, and they are not allowed to withdraw it, which means their delisted collateral could be liquidated at a discounted price.

sherlock-admin commented 1 year ago

Escalate for 10 USDC The comment from the sponsor in #292 states that delisted collateral should not be used. The problem arises when users, who have entered the system with collateral approved by the protocol, find themselves at risk of a liquidation position solely because the collateral has been delisted. These users are not acting maliciously and are suddenly subjected to an unfair decision. Their delisted collateral is treated as having a value of 0, and they are not allowed to withdraw it, which means their delisted collateral could be liquidated at a discounted price.

You've created a valid escalation for 10 USDC!

To remove the escalation from consideration: Delete your comment.

You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.

JoscelynFarr commented 1 year ago

Users can still withdraw their delisted collateral as long as they keep their account secure.

Trumpero commented 1 year ago

I believe this is a non-issue since it is the expectation of collateral delisting from protocol team. In such cases, the protocol should notify users in advance for preparation. After delisting, users can still withdraw the delisted collateral if their account is safe.

hrishibhat commented 1 year ago

Result: Low Duplicate of #292 Considering the issue low based on the above comments

sherlock-admin commented 1 year ago

Escalations have been resolved successfully!

Escalation status: