The liquidation bonus is not distributed fairly during emergency liquidations, leading to backrunning.
Summary
During an emergency repayment (liquidation), the liquidation bonus is currently awarded to only the last liquidator. This behaviour leads to backrunning. For fairness and accuracy, the liquidation bonus should be distributed on a per-loan basis.
Vulnerability Detail
The issue arises when owners of loans initiate an emergency repayment. In the current implementation, only the final repayment, which closes the entire borrowing position, receives the liquidation bonus. This is evident in the code snippet below:
    if (completeRepayment) {
        LoanInfo[] memory empty;
        _removeKeysAndClearStorage(borrowing.borrower, params.borrowingKey, empty);
        feesAmt += liquidationBonus; // @audit-issue the whole liquidation bonus goes only to the last emergency liquidator
However, the liquidation bonus should be distributed individually for each loan, as indicated in the calculation of the bonus:
    function getLiquidationBonus(
        address token,
        uint256 borrowedAmount,
        uint256 times
    ) public view returns (uint256 liquidationBonus) {
        ...
        liquidationBonus *= times; // @audit-info this makes the liquidation bonus scale with loans.length
    }
Therefore, during emergency repayments, the bonus should be distributed based on the number of loans to ensure fairness. Failure to do so may result in backrunning among position owners, with the last liquidator receiving the entire bonus.
Impact
Because of the incorrect model of asset distribution, the lenders who were the first to liquidate (repay) their positions lose the "liquidation bonus".
talfao
medium
Code Snippet
Only the last liquidator (owner of the position) gets the liquidation bonus: Liquidation bonus distribution
However, the bonus is calculated like this: Liquidation bonus calculation
Tool used
Manual Review
Recommendation
To address this issue, it is recommended to distribute the liquidation bonus evenly among all loans during an emergency repayment. Modify the code to divide the bonus by the number of loans, ensuring that each loan's liquidator receives a fair share of the bonus.
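The following Python model is an added example, not code from the audited contract: it compares the payout described in the finding (whole bonus to the closing call) with the recommended per-loan split. The owner names, amounts, function names and the choice to pay integer-division dust with the closing call are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: three lenders emergency-repay a position holding 4 loans,
# in this order. Each tuple is (loan owner, number of loans that call closes).
REPAYMENTS = [("alice", 1), ("bob", 2), ("carol", 1)]
# Bonus stored for the whole position; deliberately not a multiple of 4
# so that the rounding path is exercised.
TOTAL_BONUS = 4_000_003


def bonus_last_only(total_bonus, repayments):
    """Behaviour described in the finding: the call that completes the
    repayment (the last one) receives the entire liquidation bonus."""
    paid = defaultdict(int)
    for owner, _ in repayments:
        paid[owner] += 0  # register every owner, even with a zero payout
    paid[repayments[-1][0]] += total_bonus
    return dict(paid)


def bonus_per_loan(total_bonus, repayments):
    """Recommended model: each repayment earns total_bonus / loan_count for
    every loan it closes. Division dust is paid with the closing call so the
    payouts always sum to total_bonus (an assumption of this sketch)."""
    loan_count = sum(closed for _, closed in repayments)
    share, dust = divmod(total_bonus, loan_count)
    paid = defaultdict(int)
    for i, (owner, closed) in enumerate(repayments):
        paid[owner] += share * closed
        if i == len(repayments) - 1:
            paid[owner] += dust
    return dict(paid)


def order_sensitivity(model, total_bonus, repayments):
    """Largest change in any owner's payout when the repayment order is
    reversed. A large value means that being last is what gets rewarded."""
    fwd = model(total_bonus, repayments)
    rev = model(total_bonus, list(reversed(repayments)))
    return max(abs(fwd[owner] - rev[owner]) for owner in fwd)


if __name__ == "__main__":
    for model in (bonus_last_only, bonus_per_loan):
        print(model.__name__, model(TOTAL_BONUS, REPAYMENTS),
              "order sensitivity:", order_sensitivity(model, TOTAL_BONUS, REPAYMENTS))
```

With the per-loan split, the only order-dependent amount is the rounding dust, which is always smaller than the number of loans.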