Position with zero collateral can be left opened after settlement or closing position fee
Summary
A position which has caused shortfall is left opened after settlement, and can continue to cause shortfall during subsequent settlements.
Vulnerability Detail
In at least two scenarios, a position could be left opened with zero collateral:
Position is well under, and owner closes it partially, closing fee covers all remaining collateral:
Example:
position fee: 0.15%
Alice takes a highly leveraged position (x50), market moves 1.9% at next oracle round
After settlement, only 0.1% of the value of the position is left as collateral.
Alice's position is liquidatable, but Alice manages to close it partially before liquidation.
The whole amount of collateral goes into closing position fee (since it is taken out before anything else).
Position is left without collateral after settlement
Alice takes a highly leveraged position (x50), for some reason alice fails being liquidated, and after some settlement,
all her collateral is taken out.
cergyk
high
Position with zero collateral can be left opened after settlement or closing position fee
Summary
A position which has caused shortfall is left opened after settlement, and can continue to cause shortfall during subsequent settlements.
Vulnerability Detail
In at least two scenarios, a position could be left opened with zero collateral:
Since only collateral in the account for the given product can be offered as liquidation incentive: https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial/contracts/collateral/Collateral.sol#L129
A potential liquidator has no incentive to liquidate this position, and it can be left opened longer than it should
Impact
A position without collateral can be left opened, causing shortfall to the protocol.
Code Snippet
Tool used
Manual Review
Recommendation
Automatically close all positions on an account without collateral for a product Maybe consider auto-liquidation on settleAccount?
Duplicate of #138