Omniscia Evergon Labs Audit

LiquidationForceUnlockFacet Manual Review Findings

LiquidationForceUnlockFacet Manual Review Findings

LFU-01M: Inexistent Validation of Caller Authorization

Description:

The LiquidationForceUnlockFacet::doForceUnlockOnLiquidation function does not apply any validation to its caller and the TwoClickLiquidationSkeleton and TwoClickLiquidationSkeletonNID contracts that integrate with it do not apply any either.

Impact:

Any caller can forcefully unlock the underlying NFT of a campaign as long as it has achieved the post-liquidation state mandated by the SingleStateLiquidationFacet::checkLiquidationState function.

Example:

packages/contracts/contracts/subInternalFacets/twoClickLiquidationPhaseFacets/liquidationForceUnlockFacets/LiquidationForceUnlockFacet.sol
12function doForceUnlockOnLiquidation(uint256 campaignId, address account) external onlyInternalDelegateCall {
13    address fractionaliser = GeneralStorage.layout().infoForId[campaignId].fractionsContract;
14    IFraction(fractionaliser).forceUnlockNft(account);
15}

Recommendation:

We advise proper caller authorization to be imposed on either the LiquidationForceUnlockFacet implementation or its parent callers, ensuring that the correct party can forcefully unlock a liquidated NFT.

Alleviation (71cda4ccfdcfa25fb96a4565f1f8143b350dd246):

The Evergon Labs team evaluated this exhibit and advised us that the two-click liquidation facets that integrate with it do indeed apply access control either via the NID system or via the ILiquidationEligibilityFacet::checkLiquidationEligibility function calls.

We evaluated the assurances provided by both validation approaches and consider them adequate, rendering this exhibit to be invalidated.

Prev

LendingOracleFacetStorage.sol (LOS-M)

Next

MarginCallSubSkeletonNID.sol (MCN-M)

On this page