Assessment reports>Nukem Loans>Critical findings>[FIXED] Collateral inflation attack allows for theft of funds
Category: Business Logic

[FIXED] Collateral inflation attack allows for theft of funds

Critical Severity
Critical Impact
High Likelihood


The maximum withdraw amount for a user is calculated as the swappable value of their collateral minus their debt.

  function maxWithdraw(
      address account
  ) public view virtual override returns (uint256) {
      IDebt debt = _market.debt();
      uint256 account_debt_assets = debt.assetsOf(account);
      if (account_debt_assets == 0) return asset_balance;

      ILendingStrategy strategy = _market.strategy();
      uint256 debt_value = _market.swapper().valueOf(
      uint256 borrowable_collateral = (asset_balance *
          strategy.maxCollateralizationRatio()) / strategy.precision();
          (borrowable_collateral > debt_value)
              ? borrowable_collateral - debt_value
              : 0;


It is profitable for a malicious attacker to manipulate the underlying pool in order to inflate the value of their collateral. This allows them to withdraw most of the collateral while keeping the debt that is worth more than the original collateral. As a result of this, protocol funds can be stolen.


Only allow withdrawal of collateral once all the debt has been paid off.


The Nukem team has fixed this issue by removing the partial withdraw mechanism in commit 2e3ecbe0.

Zellic © 2023Back to top ↑