sherlock-admin2
commented
1 year ago 1 comment(s) were left on this issue during the judging contest.
0xyPhilic commented:
invalid because there is a check if the withdrawLend is allowed
Closed sherlock-admin2 closed 1 year ago
sherlock-admin2
commented
1 year ago 1 comment(s) were left on this issue during the judging contest.
0xyPhilic commented:
invalid because there is a check if the withdrawLend is allowed
Oxhunter526
medium
Lack of Functionality to Pause Position Reduction in Protocol
Summary
This is an issue from previous contest which hasn't been fixed. Link
Vulnerability Detail
The protocol lacks a specific mechanism to pause the functionality of reducing a position, which could expose the protocol to unintended liquidations, losses, or other negative outcomes.
Impact
The absence of a mechanism to pause position reduction could have severe consequences for the protocol and its users. During situations when the protocol needs to be paused for various reasons (e.g., market volatility, discovered vulnerabilities, regulatory requirements), users should not be able to reduce their positions, as this action could further destabilize the protocol or exacerbate risks.
Code Snippet
https://github.com/sherlock-audit/2023-07-blueberry/blob/main/blueberry-core/contracts/BlueBerryBank.sol#L720-L749
Tool used
Manual Review
Recommendation
It is recommended to implement a dedicated pause mechanism for the functionality of reducing positions.