sendQuote: Fee collection at last can itself make a position underwater
Summary
The sendQuote function collects the fee at last (after performing all collateral validations). This can instantly make the partyA and his positions unhealthy.
If the user invokes this function with the intention of creating the maximum possible position, then after fee collection the account will become eligible for liquidation (as allocated balance is decreased during fee collection).
Impact
The protocol natively allows creation of positions which makes a partyA eligible for liquidation instantly. This is not an ideal outcome for Symmetrical protocol. The fee must be taken into consideration while validating the account's health and liquidation status.
Consider deducting fee at the top of function or consider including the to-be-deducted fee amount into determining the account's health and liquidation status.
AkshaySrivastav
medium
sendQuote: Fee collection at last can itself make a position underwaterSummary
The
sendQuotefunction collects the fee at last (after performing all collateral validations). This can instantly make the partyA and his positions unhealthy.Vulnerability Detail
The sendQuote function here (https://github.com/sherlock-audit/2023-06-symmetrical/blob/main/symmio-core/contracts/facets/PartyA/PartyAFacetImpl.sol#L119) collects the trading fee at last.
If the user invokes this function with the intention of creating the maximum possible position, then after fee collection the account will become eligible for liquidation (as allocated balance is decreased during fee collection).
Impact
The protocol natively allows creation of positions which makes a partyA eligible for liquidation instantly. This is not an ideal outcome for Symmetrical protocol. The fee must be taken into consideration while validating the account's health and liquidation status.
Code Snippet
https://github.com/sherlock-audit/2023-06-symmetrical/blob/main/symmio-core/contracts/facets/PartyA/PartyAFacetImpl.sol#L119
Tool used
Manual Review
Recommendation
Consider deducting fee at the top of function or consider including the to-be-deducted fee amount into determining the account's health and liquidation status.