Platform: Code4rena
Start Date: 16/01/2024
Pot Size: $80,000 USDC
Total HM: 37
Participants: 178
Period: 14 days
Judge: Picodes
Total Solo HM: 4
Id: 320
League: ETH
Rank: 173/178
Findings: 1
Award: $0.78
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0xbepresent
Also found by: 00xSEV, 0xAlix2, 0xAsen, 0xBinChook, 0xCiphky, 0xRobocop, 0xanmol, 0xlemon, 0xpiken, Arz, Audinarey, Auditwolf, Aymen0909, Banditx0x, CaeraDenoir, DanielArmstrong, Draiakoo, HALITUS, Infect3d, J4X, Jorgect, Kalyan-Singh, KingNFT, Krace, PENGUN, Toshii, Udsen, ayden, b0g0, c0pp3rscr3w3r, developerjordy, djxploit, erosjohn, holydevoti0n, iamandreiski, israeladelaja, juancito, klau5, lanrebayode77, memforvik, mussucal, n0kto, novodelta, pkqs90, solmaxis69, stackachu, twcctop, zhaojie, zhaojohnson
0.7809 USDC - $0.78
https://github.com/code-423n4/2024-01-salty/blob/main/src/stable/CollateralAndLiquidity.sol#L154 https://github.com/code-423n4/2024-01-salty/blob/main/src/staking/StakingRewards.sol#L107
the cooldown restriction prevents users from being liquidated, this can only be done until the cooldown period has passed.
This restriction may prevent timely liquidation of users.
Manual review
Liquidating users shouldn't depend on the cooldown period.
Change line 154 in the liquidateUser method
- _decreaseUserShare( wallet, collateralPoolID, userCollateralAmount, true ); + _decreaseUserShare( wallet, collateralPoolID, userCollateralAmount, false );
Timing
#0 - c4-judge
2024-01-31T22:47:55Z
Picodes marked the issue as duplicate of #891
#1 - c4-judge
2024-01-31T22:48:00Z
Picodes marked the issue as duplicate of #891
#2 - c4-judge
2024-01-31T22:48:06Z
Picodes changed the severity to 3 (High Risk)
#3 - c4-judge
2024-02-21T16:52:29Z
Picodes marked the issue as satisfactory
#4 - thebrittfactor
2024-02-21T21:53:39Z
For transparency, the judge confirmed issue should be marked as duplicate-312.