Allocation Discrepancy in LiquidatePartyB Function
Summary
The LiquidationFacetImpl.sol contract contains a potential vulnerability in the liquidatePartyB function. An edge case exists where partyA could benefit from more than the originally allocated cva. If the (-availableBalance) is greater than accountLayout.partyBLockedBalances[partyB][partyA].lf, the remainingLf value becomes zero, allowing partyA to receive a larger cva allocation than initially intended.
Vulnerability Detail
In the liquidatePartyB function of the LiquidationFacetImpl.sol contract, the following code snippet indicates a potential vulnerability:
When remainingLf is zero due to (-availableBalance) being greater than accountLayout.partyBLockedBalances[partyB][partyA].lf, the addition operation can result in an unintended increase inaccountLayout.allocatedBalances[partyA], potentially providing partyA with a larger cva allocation than originally allocated.
Impact
This vulnerability has the potential to allow partyA to benefit from a greater cva allocation than intended during the liquidation process. This discrepancy could result in an imbalance and unfair distribution of funds, negatively impacting the overall fairness of the contract.
To address this vulnerability, it is recommended to update the code in the liquidatePartyB function. Consider adding a check to ensure that the remainingLf value is not set to zero if (-availableBalance) is greater than accountLayout.partyBLockedBalances[partyB][partyA].lf. This check will prevent partyA from receiving a larger cva allocation than originally allocated. Alternatively, you may consider revisiting the allocation logic to ensure a fair and balanced distribution of funds between the parties involved in the liquidation process.
GiorgioDalla
medium
Allocation Discrepancy in LiquidatePartyB Function
Summary
The LiquidationFacetImpl.sol contract contains a potential vulnerability in the liquidatePartyB function. An edge case exists where partyA could benefit from more than the originally allocated cva. If the (-availableBalance) is greater than accountLayout.partyBLockedBalances[partyB][partyA].lf, the remainingLf value becomes zero, allowing partyA to receive a larger cva allocation than initially intended.
Vulnerability Detail
In the liquidatePartyB function of the LiquidationFacetImpl.sol contract, the following code snippet indicates a potential vulnerability:
When remainingLf is zero due to (-availableBalance) being greater than
accountLayout.partyBLockedBalances[partyB][partyA].lf, the addition operation can result in an unintended increase inaccountLayout.allocatedBalances[partyA], potentially providing partyA with a larger cva allocation than originally allocated.Impact
This vulnerability has the potential to allow partyA to benefit from a greater cva allocation than intended during the liquidation process. This discrepancy could result in an imbalance and unfair distribution of funds, negatively impacting the overall fairness of the contract.
Code Snippet
https://github.com/sherlock-audit/2023-06-symmetrical/blob/main/symmio-core/contracts/facets/liquidation/LiquidationFacetImpl.sol#L293-L296
Tool used
Manual Review
Recommendation
To address this vulnerability, it is recommended to update the code in the liquidatePartyB function. Consider adding a check to ensure that the remainingLf value is not set to zero if (-availableBalance) is greater than accountLayout.partyBLockedBalances[partyB][partyA].lf. This check will prevent partyA from receiving a larger cva allocation than originally allocated. Alternatively, you may consider revisiting the allocation logic to ensure a fair and balanced distribution of funds between the parties involved in the liquidation process.