You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
liquidate() function has a msg.sender's healthy position check at the end of the execution. However, it shouldn't be there as the msg.sender's position has no relation to the liquidated one. Hence, the liquidation can revert when shouldn't. Also, the person that has such an issue can borrow such amount of assets to make the position liquidatable, transfer them to another wallet and call the liquidate() there and it won't revert.
Impact
The liquidation transaction can revert when not expected.
Tools Used
Manually
Recommendations
Remove this check.
The text was updated successfully, but these errors were encountered:
Redundant healthy position check
Severity
Medium Risk
Summary
liquidate() function can revert when shouldn't.
Vulnerability Details
liquidate() function has a msg.sender's healthy position check at the end of the execution. However, it shouldn't be there as the msg.sender's position has no relation to the liquidated one. Hence, the liquidation can revert when shouldn't. Also, the person that has such an issue can borrow such amount of assets to make the position liquidatable, transfer them to another wallet and call the liquidate() there and it won't revert.
Impact
The liquidation transaction can revert when not expected.
Tools Used
Manually
Recommendations
Remove this check.
The text was updated successfully, but these errors were encountered: