sherlock-admin2
commented
1 year ago 1 comment(s) were left on this issue during the judging contest.
0xpep7 commented:
dup and same author as 187
Closed sherlock-admin2 closed 1 year ago
sherlock-admin2
commented
1 year ago 1 comment(s) were left on this issue during the judging contest.
0xpep7 commented:
dup and same author as 187
jah
high
the function takeoverDebt doesn't properly update the liquidator balance
Summary
the function takeoverdebt doesn't not properly update the liquidator balance which might lead to fund loss
Vulnerability Detail
the function takeoverdebt is used to liquidate another borrower and transfer the position into the liquidator and when transferring the loan[] using
_addKeysAndLoansInfo(newBorrowing.borrowedAmount > 0, borrowingKey, oldLoans);it is using the liquidated borrowingkey instead of the new one so the loan will will be updated into the previous one so when repaying using the repay function it might not use all the positionImpact
loss of fund
Code Snippet
https://github.com/sherlock-audit/2023-10-real-wagmi/blob/main/wagmi-leverage/contracts/LiquidityBorrowingManager.sol#L441
Tool used
Manual Review
Recommendation
use newBorrowingKey instead of borrowingKey
Duplicate of #53