Low Tangerine Cod
High
Borrows can renew their options, but option never expires, so liquidation will never occur
According to docs borrows should renew their options or it will be liquidated. In code their position will never be liquidated after 30 days.
Timestamp of 30 days will be added against every user in the backend for 30 days option maturity
Users will not pay revenue to protocol which they should by calling renewOptions every 30 days. Which means renewOptions will never be called
function renewOptions(
IBorrowing.Interfaces memory interfaces,
uint64 index
) external returns (bool) {
// calculate options fees needs to pay to renew
uint256 optionsFeesNeedsToPay = getOptionFeesToPay(interfaces.treasury,index);
// check whether the user has enough options fees to pay
if (interfaces.usda.balanceOf(msg.sender) < optionsFeesNeedsToPay) revert IBorrowing.Borrow_InsufficientBalance();
// transfer the options fees from user to treasury
-> bool sent = interfaces.usda.transferFrom(msg.sender, address(interfaces.treasury), optionsFeesNeedsToPay);
if (!sent) revert IBorrowing.Borrow_USDaTransferFailed();
// getting omnichain global data
IGlobalVariables.OmniChainData memory omniChainData = interfaces.globalVariables.getOmniChainData();
// updating last cumulative rate
omniChainData.lastCumulativeRate = interfaces.cds.calculateCumulativeRate(uint128(optionsFeesNeedsToPay));
omniChainData.totalCdsDepositedAmountWithOptionFees += optionsFeesNeedsToPay;
// updating omnichain data
interfaces.globalVariables.setOmniChainData(omniChainData);
return true;
}
Blockchain/Blockchian/contracts/lib/BorrowLib.sol#L627
none
none
none
Liquidation will not be happening for expired positions, protocol will lose that collateral which it should have. Protocol will not lose revenue via renewal which should be happening.
No response
Implement it
function liquidateExpired(address user) public onlyAdmin{
...
if(block.timestamp - depositDetail.optionsRenewedTimeStamp < 30 days) revert
...
}