Critical Validation for Liquidation Fee Bounds Setting
Summary
The setLiquidationFeeBounds function is designed to update the lower and upper bounds for liquidation fees. However, there's an oversight in not checking whether the new lower and upper bounds are set to the same value, which could limit the protocol's flexibility in liquidation fee adjustments and potentially lead to operational inefficiencies.
Vulnerability Detail
The function correctly checks for zero values and ensures that the upper bound is greater than the lower bound to prevent setting illogical fee ranges. However, allowing the upper and lower bounds to be equal could effectively remove the intended range flexibility for liquidation fees, forcing a single fixed fee rate. This could be problematic under varying market conditions where more dynamic fee adjustments are necessary.
Impact
By not preventing the upper and lower liquidation fee bounds from being equal, the protocol could be restricted in its ability to respond to changes in market dynamics effectively. This could lead to either too high or too low liquidation fees in certain situations.
To enhance the function's robustness and the protocol's adaptability to market conditions, it is recommended to introduce a check ensuring that _newLiquidationFeeLowerBound is strictly less than _newLiquidationFeeUpperBound, not merely less than or equal to. This can be implemented as follows:
if (_newLiquidationFeeUpperBound <= _newLiquidationFeeLowerBound)
revert FlatcoinErrors.EqualBounds("Liquidation fee bounds must not be equal");
Implementing this additional validation step will preserve the intended range flexibility for setting liquidation fees, allowing the protocol to more effectively adapt to varying market conditions and maintain operational efficiency.
0xrobsol
medium
Critical Validation for Liquidation Fee Bounds Setting
Summary
The setLiquidationFeeBounds function is designed to update the lower and upper bounds for liquidation fees. However, there's an oversight in not checking whether the new lower and upper bounds are set to the same value, which could limit the protocol's flexibility in liquidation fee adjustments and potentially lead to operational inefficiencies.
Vulnerability Detail
The function correctly checks for zero values and ensures that the upper bound is greater than the lower bound to prevent setting illogical fee ranges. However, allowing the upper and lower bounds to be equal could effectively remove the intended range flexibility for liquidation fees, forcing a single fixed fee rate. This could be problematic under varying market conditions where more dynamic fee adjustments are necessary.
Impact
By not preventing the upper and lower liquidation fee bounds from being equal, the protocol could be restricted in its ability to respond to changes in market dynamics effectively. This could lead to either too high or too low liquidation fees in certain situations.
Code Snippet
https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/LiquidationModule.sol#L314
Tool used
Manual Review
Recommendation
To enhance the function's robustness and the protocol's adaptability to market conditions, it is recommended to introduce a check ensuring that _newLiquidationFeeLowerBound is strictly less than _newLiquidationFeeUpperBound, not merely less than or equal to. This can be implemented as follows: