Contract fails to deliver promised returns, but doesn't lose value
Description
Brief/Intro
in the function liquidate, there is a check that make sure the borrower trove is in active statue, however this check is not necessary since this check executes in require_all_troves_are_active when the internal_batch_liquidate_troves executed, this is not an issue and can be accepted as best practice or closed by the team( we let the judgment to the teams).
as it shown above, it checks if the borrower trove is active and then call to internal_batch_liquidate_troves invoked which checks for the same thing for each borrower(or one borrower in case of one borrower liquidated):
#[storage(read, write)]
fn internal_batch_liquidate_troves(
borrowers: Vec<Identity>,
upper_partial_hint: Identity,
lower_partial_hint: Identity,
) {
// Prevent reentrancy
require(
storage
.lock_internal_batch_liquidate_troves
.read() == false,
"TroveManager: Internal batch liquidate troves is locked",
);
storage.lock_internal_batch_liquidate_troves.write(true);
// Ensure there are borrowers to liquidate
require(
borrowers
.len() > 0,
"TroveManager: No borrowers to liquidate",
);
//sanity checks
require_all_troves_unique(borrowers);
require_all_troves_are_active(borrowers); //@audit same check
require_all_troves_sorted_by_nicr(borrowers);
...
}
#[storage(read)]
fn require_all_troves_are_active(borrowers: Vec<Identity>) {
let mut i = 0;
while i < borrowers.len() {
require(
storage
.troves
.get(borrowers.get(i).unwrap())
.read()
.status == Status::Active,
"TroveManager: Trove is not active",
);
i += 1;
}
}
the check in liquidate can be removed since the check will be executed in the internal function anyway.
Impact Details
double checking for active borrower is not necessary when liquidating users.
References
remove the check in the liquidate function(optional)
Proof of Concept
Proof of Concept
there is no POC to be created to show best practice reports in this case.
