sherlock-admin2
commented
7 months ago 1 comment(s) were left on this issue during the judging contest.
WangAudit commented:
assume owner is trusted here
Closed sherlock-admin4 closed 7 months ago
sherlock-admin2
commented
7 months ago 1 comment(s) were left on this issue during the judging contest.
WangAudit commented:
assume owner is trusted here
nevillehuang
commented
7 months ago @cryptotechmaker There seems to be no impact from this issue so I am inclined to invalidate
cryptotechmaker
commented
7 months ago @nevillehuang
This is invalid yes; However that setter part can be removed bc it's not used anywhere. It was part of another old code that it's not used anymore
liquidationCollateralizationRate is set already in setMarketConfig from Market.sol
cryptotechmaker
commented
7 months ago Just for reference; I removed that old code https://github.com/Tapioca-DAO/Tapioca-bar/pull/350
cergyk
medium
Singularity::setSingularityConfig Wrong liquidationCollateralizationRate is set
Summary
the function setSingularityConfig enables to set some configuration variables on the Singularity contract. However the wrong liquidationCollateralizationRate is set, which could lead to unwanted liquidations.
Vulnerability Detail
We can see here that the variable which is set in
setSingularityConfiglqCollateralizationRate is not used anywhere.Impact
The wrong variable is set for liquidation collateralization rate, and can cause a wrong value for the actually used variable (
liquidationCollateralizationRate) if set this way.Code Snippet
Tool used
Manual Review
Recommendation
Set the actual variable
liquidationCollateralizationRate, and remove this unused variable