Skip to content
This repository has been archived by the owner on Dec 17, 2023. It is now read-only.

Latest commit

 

History

History
59 lines (44 loc) · 2.51 KB

114.md

File metadata and controls

59 lines (44 loc) · 2.51 KB
Raw

Ruhum

high

Giving an account a credit limit in one market protects them from liquidation in all other markets

Summary

The admin is able to grant an account a credit limit for a given market. That allows them to borrow funds up to the limit without having to deposit any collateral. But, that prevents the account from being liquidatable in all the other markets.

Vulnerability Detail

A user is deemed a credit account if it has a credit limit in at least one market:

    function isCreditAccount(address user) public view returns (bool) {
        return allCreditMarkets[user].length > 0;
    }

Credit accounts are protected from liquidation:

    function liquidate(
        address liquidator,
        address borrower,
        address marketBorrow,
        address marketCollateral,
        uint256 repayAmount
    ) external nonReentrant isAuthorized(liquidator) {
        // ...
        require(!isCreditAccount(borrower), "cannot liquidate credit account");
        // ...
    }

This poses a risk to the protocol as it increases the potential exposure it has to bad debt from that user.

There are some restrictions to a credit account:

  • they are not able to deposit any new collateral
  • in the market where they have the credit limit, they can't borrow more than that even if they have enough collateral.

But, that opens up the following issue:

  • the account can frontrun the admin's setCreditLimit() tx to load the address with collateral.
  • after receiving the credit limit it can then borrow funds from the other markets where it has no credit limit
  • if that debt turns unhealthy, e.g. the collateral loses value you're not able to liquidate that position.

If the position is not liquidated in time you could run into a scenario where the position is not worth liquidating anymore. That could be the case if the collateral loses so much value that the borrowed funds are worth more than it. Or, if the borrowed funds gain in value.

Impact

The protocol has increased exposure to bad debt because credit accounts can't be liquidated in markets where they don't have a credit limit.

Code Snippet

https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/protocol/pool/IronBank.sol#L492-L492 https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/protocol/pool/IronBank.sol#L240

Tool used

Manual Review

Recommendation

The liquidation protection should only be placed on the market where the account has a credit limit. All the other position's should be fully liquidatable.