Platform: Code4rena
Start Date: 12/08/2022
Pot Size: $50,000 USDC
Total HM: 15
Participants: 120
Period: 5 days
Judge: Justin Goro
Total Solo HM: 6
Id: 153
League: ETH
Rank: 22/120
Findings: 2
Award: $238.34
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: auditor0517
Also found by: 0xA5DF, _Adam, cccz, minhquanym, minhtrng, zzzitron
192.5076 USDC - $192.51
Judge has assessed an item in Issue #193 as Medium risk. The relevant finding follows:
#0 - gititGoro
2022-10-07T02:21:58Z
Low-00: dirtyLiquidationFee mismatches comments is a medium risk severity issue.
#1 - gititGoro
2022-10-07T02:22:20Z
Duplicate of #238
🌟 Selected for report: 0x1f8b
Also found by: 0x52, 0xA5DF, 0xDjango, 0xNazgul, 0xNineDec, 0xSmartContract, 0xmatt, 0xsolstars, Aymen0909, Bnke0x0, CertoraInc, Chom, CodingNameKiki, Deivitto, Dravee, ElKu, EthLedger, Funen, IllIllI, JC, Junnon, Lambda, LeoS, MiloTruck, Noah3o6, PaludoX0, ReyAdmirado, Rohan16, RoiEvenHaim, Rolezn, SaharAP, Sm4rty, SooYa, The_GUILD, TomJ, Waze, Yiko, _Adam, __141345__, a12jmx, ak1, asutorufos, auditor0517, ayeslick, ballx, beelzebufo, berndartmueller, bin2chen, brgltd, c3phas, cRat1st0s, cccz, cryptonue, cryptphi, d3e4, delfin454000, dipp, djxploit, durianSausage, dy, erictee, fatherOfBlocks, gogo, gzeon, hyh, ignacio, kyteg, ladboy233, medikko, mics, minhquanym, oyc_109, pfapostol, rbserver, reassor, ret2basic, robee, sach1r0, simon135, sryysryy, tabish, yac, yash90, zzzitron
45.8345 USDC - $45.83
| Risk | Title |
|---|---|
| L00 | dirtyLiquidationFee mismatches comments |
| L01 | risky zero maxLTV |
`dirtyLiquidationFee` mismatches comments

The `dirtyLiquidationFee` is currently 9% of the clean fee, which does not match the comment of 90% of the clean fee.
The fee information is used in the `FraxlendPairCore::liquidateClean` function (line 990).

```solidity
// FraxlendPairCore.sol
cleanLiquidationFee = _liquidationFee;
dirtyLiquidationFee = (_liquidationFee * 9000) / LIQ_PRECISION; // 90% of clean fee

// FraxlendPairConstants.sol
uint256 internal constant LIQ_PRECISION = 1e5;
```
risky zero `maxLTV`

When `maxLTV` is zero, the function `_isSolvent` always returns true, meaning everybody is solvent regardless of the borrow or collateral amount.

When an undercollateralized loan is possible, the borrow whitelist is forced to be active. But the whitelist is not enforced when `maxLTV` is zero. Given that zero `maxLTV` is riskier because everybody is considered solvent regardless of the collateral and borrow amount, there should be a safeguard against it.
<!-- zzzitron QA -->

```solidity
// FraxlendPairCore.sol
function _isSolvent(address _borrower, uint256 _exchangeRate) internal view returns (bool) {
    // line 308: when maxLTV is zero, everybody is solvent
    if (maxLTV == 0) return true;
    uint256 _borrowerAmount = totalBorrow.toAmount(userBorrowShares[_borrower], true);
    if (_borrowerAmount == 0) return true;
    uint256 _collateralAmount = userCollateralBalance[_borrower];
    if (_collateralAmount == 0) return false;

    uint256 _ltv = (((_borrowerAmount * _exchangeRate) / EXCHANGE_PRECISION) * LTV_PRECISION) / _collateralAmount;
    return _ltv <= maxLTV;
}

// FraxlendPairCore constructor
// when an undercollateralized loan is possible, the borrow whitelist is forced to be active
// but not when the maxLTV is zero
if (_maxLTV >= LTV_PRECISION && !_isBorrowerWhitelistActive) revert BorrowerWhitelistRequired();
maxLTV = _maxLTV;
```
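Both findings above, modeled in Python as an added example (not code from the report or from the Fraxlend code base): it reproduces the quoted integer math and compares the quoted constructor check with a hypothetical stricter one. The values of `LTV_PRECISION` and `EXCHANGE_PRECISION`, the `stricter_guard` rule and all sample amounts are assumptions.

```python
# Python model of the Solidity integer math quoted above (constructed example).
# For non-negative integers, Python's // truncates exactly like Solidity's /.
LIQ_PRECISION = 10**5        # FraxlendPairConstants.sol, as quoted on this page
LTV_PRECISION = 10**5        # assumed value; not shown on this page
EXCHANGE_PRECISION = 10**18  # assumed value; not shown on this page


class BorrowerWhitelistRequired(Exception):
    """Stands in for the Solidity custom error of the same name."""


def dirty_fee(clean_fee: int) -> int:
    """dirtyLiquidationFee exactly as computed in the quoted constructor."""
    return (clean_fee * 9000) // LIQ_PRECISION


def is_solvent(max_ltv: int, borrow_amount: int, collateral: int, exchange_rate: int) -> bool:
    """Mirror of _isSolvent; borrow_amount is already converted from shares."""
    if max_ltv == 0:
        return True   # the early return the finding is about
    if borrow_amount == 0:
        return True
    if collateral == 0:
        return False
    ltv = (((borrow_amount * exchange_rate) // EXCHANGE_PRECISION) * LTV_PRECISION) // collateral
    return ltv <= max_ltv


def constructor_guard(max_ltv: int, whitelist_active: bool) -> None:
    """The whitelist check as quoted from the constructor."""
    if max_ltv >= LTV_PRECISION and not whitelist_active:
        raise BorrowerWhitelistRequired()


def stricter_guard(max_ltv: int, whitelist_active: bool) -> None:
    """Hypothetical safeguard: treat maxLTV == 0 like an undercollateralized pair."""
    if (max_ltv == 0 or max_ltv >= LTV_PRECISION) and not whitelist_active:
        raise BorrowerWhitelistRequired()


def guard_rejects(guard, max_ltv: int, whitelist_active: bool) -> bool:
    """True when the given guard refuses this deployment configuration."""
    try:
        guard(max_ltv, whitelist_active)
    except BorrowerWhitelistRequired:
        return True
    return False
```

With a clean fee of 10_000 (10% at 1e5 precision) `dirty_fee` returns 900, which is 9% of the clean fee; a multiplier of 90000 would be needed for the 90% stated in the comment.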