`MorphoBalancesLib.expectedBorrowAssets` may return a value greater than `totalBorrowAssets`

Question

`MorphoBalancesLib.expectedBorrowAssets` may return a value greater than `totalBorrowAssets`

Closed this issue 10 months ago · 4 comments

This issue has not been raised in a cantina finding.

    function testExpectedBorrowAssetsLeTotalBorrowAssets(uint256 borrowedShares) public {
        borrowedShares = bound(borrowedShares, 1, SharesMathLib.VIRTUAL_SHARES - 1);

        collateralToken.setBalance(BORROWER, 1);

        oracle.setPrice(1e37);

        vm.startPrank(BORROWER);
        morpho.supplyCollateral(marketParams, 1, BORROWER, hex"");
        morpho.borrow(marketParams, 0, borrowedShares, BORROWER, BORROWER);
        vm.stopPrank();

        (,, uint256 totalBorrowAssets,) = morpho.expectedMarketBalances(marketParams);

        assertLe(morpho.expectedBorrowAssets(marketParams, BORROWER), totalBorrowAssets);
    }

Run: yarn test:forge -vvv --mt testExpectedBorrowAssetsLeTotalBorrowAssets

This is due to the toAssetsUp

Here is another test that shows that this happens whatever totalBorrowAssets (not only where it is zero):

    function testAssetsUp(uint256 shares, uint256 totalAssets, uint256 totalShares) public {
        totalAssets = bound(totalAssets, 0, type(uint128).max);
        totalShares = bound(totalShares, 1, type(uint128).max);
        shares = bound(shares, 1, totalShares);

        vm.assume(totalAssets >= 1 ether);

        assertLe(shares.toAssetsUp(totalAssets, totalShares), totalAssets);
    }

The end stakes are:

Underflow upon repay/liquidate because totalBorrowAssets < repaidAssets, when using the return value as input
This rounding seems to only happen when shares ~= totalShares +- 10

(1) is addressed via https://github.com/morpho-labs/morpho-blue-private/blob/f463e40f776acd0f26d0d380b51cfd02949c8c23/src/libraries/periphery/MorphoBalancesLib.sol#L108-L109

(2) is unlikely because it requires the borrow shares to be concentrated to a single address

Answer 1 · 2023-12-05T13:18:18.000Z

I think this is expected, because we want to over value borrow assets. It is also acknowledged in a comment, so I'm fine with not doing anything for this issue

Answer 2 · 2023-12-05T13:19:52.000Z

It is also acknowledged in a comment

Where is it acknowledged?

Answer 3 · 2023-12-05T13:37:21.000Z

In the link you provided it seems like it is actually saying the same thing no ?

(1) is addressed via https://github.com/morpho-labs/morpho-blue-private/blob/f463e40f776acd0f26d0d380b51cfd02949c8c23/src/libraries/periphery/MorphoBalancesLib.sol#L108-L109

Answer 4 · 2023-12-05T14:12:20.000Z

This comment is only about repaying, whereas it's a broader issue
I would rephrase this comment and be fine with it then