fugazzi - Fragile collateralization model will likely cause bad debt

[sherlock-admin2]

fugazzi

high

Fragile collateralization model will likely cause bad debt

Summary

Users are allowed to fully mint on their collateral value, potentially causing bad debt as soon as the collateral price drops.

Vulnerability Detail

The Ubiquity Pool allows users to mint Dollar tokens (uAD) by depositing collateral. The amount of uAD tokens a user is allowed to mint is given by the getDollarInCollateral() function:

    function getDollarInCollateral(
        uint256 collateralIndex,
        uint256 dollarAmount
    ) internal view returns (uint256) {
        UbiquityPoolStorage storage poolStorage = ubiquityPoolStorage();
        return
            dollarAmount
                .mul(UBIQUITY_POOL_PRICE_PRECISION)
                .div(10 ** poolStorage.missingDecimals[collateralIndex])
                .div(poolStorage.collateralPrices[collateralIndex]);
    }

This function takes the requested uAD amount (dollarAmount) and divides it by the current collateral price (poolStorage.collateralPrices[collateralIndex]), returned by Chainlink. This basically means that users are allowed to fully mint on their collateral value, the effective LTV on all collaterals is 100%.

This creates an extremely fragile ecosystem: whenever the price of an asset drops this will instantly mean bad debt for the protocol. Even if the collateral tokens are going to be non-volatile assets such as stablecoins DAI or LUSD, there is no guarantee that these are going to be always pegged to 1 USD. For example, there are times in which DAI dropped significantly from the $1 peg.

Impact

The collateralization model will fail as soon as any supported collateral drops in value, creating bad debt in the pool.

Code Snippet

https://github.com/sherlock-audit/2023-12-ubiquity/blob/main/ubiquity-dollar/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol#L284-L294

Tool used

Manual Review

Recommendation

Introduce LTV configurations on collaterals to allow minting up to a certain value of the deposited collateral. Allow and incentivize liquidations to avoid bad debt in the protocol.

Duplicate of #17

[sherlock-admin2]

1 comment(s) were left on this issue during the judging contest.

auditsea commented:

The issue describes about the protocol insolvancy in case of collateral depeg. It's not avoidable, that's why the protocol has borrowing function to get yield, take fees on mint and redeem, these features will hedge the risk from protocol insolvancy

[sherlock-admin2]

1 comment(s) were left on this issue during the judging contest.

auditsea commented:

The issue describes about the protocol insolvancy in case of collateral depeg. It's not avoidable, that's why the protocol has borrowing function to get yield, take fees on mint and redeem, these features will hedge the risk from protocol insolvancy