DeFi

Liquidation

Liquidation is a protocol action that repays or closes an undercollateralized borrow position and transfers collateral according to the protocol's rules.

If a borrower no longer has enough collateral, the protocol lets another participant repay debt and take collateral.

Liquidation Explained in Detail

Liquidation is the process that protects a lending protocol when a borrower's collateral no longer covers the debt under the protocol's risk rules. A liquidator repays part or all of the borrower's debt and receives collateral, often with a liquidation bonus.

Liquidation is not a bug by itself. The bug risk is in the math, eligibility check, incentive design, token transfers, and oracle inputs that decide when and how liquidation happens.

Smart contract example

The simplified logic below liquidates when the position is below the threshold:

function liquidate(address borrower, uint256 repayAmount) external {
    require(healthFactor(borrower) < 1e18, "healthy");

    _reduceDebt(borrower, repayAmount);
    uint256 collateralAmount = _seizeCollateral(borrower, repayAmount);

    debtToken.transferFrom(msg.sender, address(this), repayAmount);
    collateralToken.transfer(msg.sender, collateralAmount);
}

The review must verify healthFactor, collateral calculation, debt accounting, non-standard token behavior, and whether state changes happen before external transfers.

Liquidation in Auditing

Liquidation bugs can liquidate healthy users, leave bad debt, overpay liquidators, block liquidation entirely, or make oracle manipulation profitable.

The central audit question is whether debt and collateral stay consistent across price movement, interest accrual, rounding, partial liquidation, and token-transfer edge cases.

Red flags in code

  • Eligibility depends on stale or manipulable prices.

  • Rounding favors liquidators near the threshold in a way that drains users.

  • Close factor, liquidation bonus, or protocol fee jumps at exact threshold values such as 1e18, max close factor, or dust limits.

  • Partial liquidation leaves dust debt or collateral that cannot be cleared.

  • External token transfers happen before debt and collateral state are finalized.

How to test or review it

  • Test positions just above, exactly at, and just below the liquidation threshold.

  • Fuzz collateral decimals, price decimals, debt interest, and repay amounts.

  • Simulate flash loan assisted price movement before liquidation.

  • Check whether partial liquidation can leave bad debt, dust, or an unliquidatable account.

  • Verify liquidation remains possible when prices move quickly, utilization is high, collateral is partially paused, or oracle freshness is near its allowed limit.

Sources