0x3e84fa45 - Collateral can be auctioned off at stale price

[sherlock-admin]

0x3e84fa45

medium

Collateral can be auctioned off at stale price

Summary

In an ongoing auction, additional collateral is added with each debt seizure, and it is subsequently sold at the prevailing auction price. The ongoing auction price can significantly deviate from the the fair value when low quantities are being auctioned.

Vulnerability Detail

The auction begins at the market price and gradually decreases to 0.
This system can be exploited by an attacker who manipulates an ongoing auction and then triggers a new auction at the stale price by calling settleBadDebt.

Here is an example of an ETH Auction scenario:

0. The market price of ETH is 1000 USD
1. Attacker purchases all but 1 Wei from the ongoing auction
2. The auction price decreases to 1 USD as no other bidders are willing to bid, since transaction costs outweighing potential profit.
3. Attacker calls settleBadDebt, injecting an additional 10 ETH into the auction.
4. Attacker acquires 10 ETH at 1 USD each, which is significantly below the market price.

Impact

The insurance fund and all insurance stakers generate a loss as they sell their seized collateral at a price that is significantly below the market price.

Code Snippet

https://github.com/sherlock-audit/2023-04-hubble-exchange/blob/main/hubble-protocol/contracts/InsuranceFund.sol#L167-L168
https://github.com/sherlock-audit/2023-04-hubble-exchange/blob/main/hubble-protocol/contracts/InsuranceFund.sol#L184

Tool used

Manual Review

Recommendation

The core issue is that an auction can become stale when not enough collateral is being auctioned off. This can be avoided by setting a minimum size for each collateral type added as margin.
Further we must add a check to the buyCollateralFromAuction function to verify that the bidder either buys the full amount of collateral or keeps enough funds in the ongoing auction to attract bidders:

function buyCollateralFromAuction(address token, uint amount) override external {
	Auction memory auction = auctions[token];
	// validate auction
	require(_isAuctionOngoing(auction.startedAt, auction.expiryTime), "IF.no_ongoing_auction");

	// transfer funds
	uint vusdToTransfer = _calcVusdAmountForAuction(auction, token, amount);
	address buyer = _msgSender();
	vusd.safeTransferFrom(buyer, address(this), vusdToTransfer);
	IERC20(token).safeTransfer(buyer, amount); // will revert if there wasn't enough amount as requested

+       // auction must be liquid enough to attract bidders
+       uint256 tokenRemaining = IERC20(token).balanceOf(address(this));
+       require(tokenRemaining == 0 ||
+       _calcVusdAmountForAuction(auction, + token, tokenRemaining) > 10e6)

	// close auction if no collateral left
	if (IERC20(token).balanceOf(address(this)) == 0) {
		auctions[token].startedAt = 0;
	}
}

Duplicate of #168