sherlock-audit / 2024-03-flat-money-fix-review-contest-judging


Dudex_2004 - Users could get the `liquidatorFee` by calling `liquidate` function themselves. #6

Closed sherlock-admin2 closed 4 months ago

sherlock-admin2 commented 4 months ago

Dudex_2004

medium

Users could get the liquidatorFee by calling liquidate function themselves.

Summary

See details.

Vulnerability Detail

The `liquidate` function is responsible for liquidating the position of a user. However, there is no check that the liquidator is a different party. So users are able to collect the `liquidatorFee` by liquidating themselves.

Impact

Eventually users will be in profit after liquidation

Code Snippet

https://github.com/sherlock-audit/2024-03-flat-money-fix-review-contest/blob/main/flatcoin-v1/src/LiquidationModule.sol#L141

Tool used

Manual Review

Recommendation

Add a check that `msg.sender` is not the `tokenId` holder.

sherlock-admin4 commented 4 months ago

1 comment(s) were left on this issue during the judging contest.

takarez commented:

Invalid. They liquidate, they should be paid.