This repository has been archived by the owner on Dec 17, 2023. It is now read-only.
0x52 - _calculateMaxBorrowCollateral calculates repay incorrectly and can lead to set token liquidation #254
Labels
High
A valid High severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
0x52
high
_calculateMaxBorrowCollateral calculates repay incorrectly and can lead to set token liquidation
Summary
When calculating the amount to repay,
_calculateMaxBorrowCollateral
incorrectly appliesunutilizedLeveragePercentage
when calculatingnetRepayLimit
. The result is that if theborrowValue
ever exceedsliquidationThreshold * (1 - unutilizedLeveragPercentage)
then all attempts to repay will revert.Vulnerability Detail
AaveLeverageStrategyExtension.sol#L1110-L1118
When calculating
netRepayLimit
,_calculateMaxBorrowCollateral
uses theliquidationThreshold
adjusted byunutilizedLeveragePercentage
. It then subtracts the borrow value from this limit. This is problematic because if the currentborrowValue
of the set token exceedsliquidationThreshold * (1 - unutilizedLeveragPercentage)
then this line will revert making it impossible to make any kind of repayment. Once no repayment is possible the set token can't rebalance and will be liquidated.Impact
Once the leverage exceeds a certain point the set token can no longer rebalance
Code Snippet
AaveLeverageStrategyExtension.sol#L1110-L1118
Tool used
Manual Review
Recommendation
Don't adjust the max value by
unutilizedLeveragPercentage
The text was updated successfully, but these errors were encountered: