Flashloan44 - Potential DOS on deleveraging which can lead to unfair liquidation

[sherlock-admin3]

Flashloan44

High

Potential DOS on deleveraging which can lead to unfair liquidation

Summary

Deleveraging can't be executed due to repayment is not possible.

Root Cause

Deleveraging process involves the calculation of maximum amount to repay for a loan. As you can see the function below line 1137, this is where calculation involves subtraction of borrow balance from net borrow limit. If the borrow balance is more than net borrow limit, the operation will revert.

File: MorphoLeverageStrategyExtension.sol
1123:     function _calculateMaxBorrowCollateral(ActionInfo memory _actionInfo, bool _isLever) internal virtual view returns(uint256) {
1124: 
1125:         // Note NetBorrow Limit is already denominated in borrow asset
1126:         uint256 netBorrowLimit = _actionInfo.collateralBalance
1127:             .mul(_actionInfo.collateralPrice).div(MORPHO_ORACLE_PRICE_SCALE)
1128:             .preciseMul(_actionInfo.lltv)
1129:             .preciseMul(PreciseUnitMath.preciseUnit().sub(execution.unutilizedLeveragePercentage));
1130: 
1131:         if (_isLever) {
1132:             return netBorrowLimit
1133:                 .sub(_actionInfo.borrowBalance)
1134:                 .mul(MORPHO_ORACLE_PRICE_SCALE).div(_actionInfo.collateralPrice);
1135:         } else {
1136:             return _actionInfo.collateralBalance
1137:                 .preciseMul(netBorrowLimit.sub(_actionInfo.borrowBalance)) //@audit this can revert if borrow balance is more than net borrow borrow limit
1138:                 .preciseDiv(netBorrowLimit);
1139:         }
1140:     }

Borrow balance can be more than net borrow limit due to the following:

1. accumulating growing interest of the loan.
2. impact of sudden surge of high interest due to higher utilization rate.
3. conversion of collateral token to loan token become lower.

So the impact will be is the user won't able to repay the loan position when it is needed the most, the moment it exceeds the net borrow limit is probably in the near liquidation level. When you can't repay at this crucial moment, liquidation is imminent and the collateral won't be recovered.

Internal pre-conditions

1. The borrow balance exceeds net borrow limit.

External pre-conditions

No response

Attack Path

No response

Impact

The user can't repay his loan position at crucial moment therefore resulting to unfair liquidation.

PoC

Here is the scenario to describe the situation:
Let's give first the initial state of the loan: LLTV is 90% of the collateral, buffer or unutilizedLeveragePercentage is 2%, collateral token amount is 100. To simplify the situation, collateral token has 1:1 conversion with loan token

1. At this moment, the current borrow balance is 80 loan tokens (80% ltv).
2. After some period, the borrow balance grows to 89 loan tokens due to interest.
3. Since it is nearing liquidation, user manager want to delever the loan position. He wants to repay the portion of the loan.
4. He executed the delever but failed due to net borrow limit is (100 collateral minus 12 percent (10 of lltv and 2 buffer)) is 88 in which it should be subtracted by 89 borrow balance, result is negative, therefore revert.
5. Collateral has been liquidated.

Mitigation

Deleveraging should not be restricted in a certain amount. It should give the user the freedom to repay the loan in any amount until it paid it fully.