This repository has been archived by the owner on May 26, 2023. It is now read-only.
ak1 - increaseCollateralAmount : User is not allowed to increase collateral freely. #229
Comments
This was referenced Dec 12, 2022
|
Fixes look good. Liquidation margin check has been removed when adding collateral |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
ak1
medium
increaseCollateralAmount : User is not allowed to increase collateral freely.
Summary
For all the tree type of vault, a user is allowed to increase collateral only if the overall collateral value is higher than the margin value.
imo, this restriction may not be needed. anyway user is adding the collateral that could eventually save from liquidation.
Protocol will loose advantage due to this restriction.
Vulnerability Detail
Codes from lyra vault implementation :
https://github.com/sherlock-audit/2022-11-isomorph/blob/main/contracts/Isomorph/contracts/Vault_Lyra.sol#L155-L192
Line 184
For synth - Refer here
For velo - Refer here
Impact
User may not have the collateral all at once, but they can add like an EMI.
Protocol will loose the repayment anyway.
What is no one comes for liquidation - again this could lose.
Code Snippet
Refer vulnerability section
Tool used
Manual Review
Recommendation
Allow user add collateral freely.
The text was updated successfully, but these errors were encountered: