2024-12-20
*issue*
================================================================================

Incorrect Ether Refund Handling in Liquidation Process

================================================================================

*issue-contents*

0 CONTENTS

*issue-metadata*

1 METADATA

Number 172
Severity High
Author t.aksoy
Contest Autonomint
Platform Sherlock

*issue-summary*

2 SUMMARY

The liquidation process attempts to refund excess Ether to the user instead of the caller (admin). This incorrect implementation can cause the liquidation to fail if the user’s fallback function reverts the transaction.

*issue-root-cause*

3 ROOT CAUSE

The code attempts to send Ether back to the user when liqAmountToGetFromOtherChain is 0. If the borrower implements a fallback function that reverts, the liquidation can be blocked. The refund should be sent to the caller (admin) instead of the user.

        if (liqAmountToGetFromOtherChain == 0) {
            (bool sent, ) = payable(user).call{value: msg.value}("");
            require(sent, "Failed to send Ether");
        }

https://github.com/sherlock-audit/2024-11-autonomint/blob/0d324e04d4c0ca306e1ae4d4c65f0cb9d681751b/Blockchain/Blockchian/contracts/Core_logic/borrowLiquidation.sol#L303

*issue-internal-pre-conditions*

4 INTERNAL PRE-CONDITIONS

No response

*issue-external-pre-conditions*

5 EXTERNAL PRE-CONDITIONS

No response

*issue-attack-path*

6 ATTACK PATH

  1. A user’s position becomes eligible for liquidation.
  2. The liqAmountToGetFromOtherChain is 0.
  3. The borrower’s contract implements a fallback function that reverts any Ether transfer.
  4. During liquidation, the code attempts to send Ether back to the borrower.
  5. The fallback function reverts, preventing the liquidation process from completing.

*issue-impact*

7 IMPACT

The incorrect handling of Ether refunds can cause the liquidation of an eligible position to fail.

*issue-poc*

8 POC

No response

*issue-mitigation*

9 MITIGATION

Update the code to correctly handle the Ether refund by sending it to the caller (admin) instead of the user. Here is the corrected code:

if (liqAmountToGetFromOtherChain == 0) {
    // Refund excess Ether to the caller (admin) instead of the user
    (bool sent, ) = payable(admin).call{value: msg.value}("");
    require(sent, "Failed to send Ether");
}
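
As an added illustration (not code from the Autonomint repository; the contract names and the Demo harness are hypothetical, and only liqAmountToGetFromOtherChain and the refund statement come from the issue), the vulnerable and fixed refund branches side by side, with msg.sender standing in for the caller the issue calls admin:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical stand-in for the liquidation entry point; only the refund branch is modelled.
contract LiquidationRefund {
    // Vulnerable: the refund targets the borrower, so a borrower that rejects Ether blocks its own liquidation.
    function liquidateVulnerable(address user, uint256 liqAmountToGetFromOtherChain) external payable {
        if (liqAmountToGetFromOtherChain == 0) {
            (bool sent, ) = payable(user).call{value: msg.value}("");
            require(sent, "Failed to send Ether");
        }
    }

    // Fixed: the excess Ether came from the caller, so it returns to msg.sender; the borrower cannot influence it.
    function liquidateFixed(address /* user */, uint256 liqAmountToGetFromOtherChain) external payable {
        if (liqAmountToGetFromOtherChain == 0) {
            (bool sent, ) = payable(msg.sender).call{value: msg.value}("");
            require(sent, "Failed to send Ether");
        }
    }
}

// Borrower position held by a contract that refuses all incoming Ether.
contract RejectingBorrower {
    receive() external payable {
        revert("no ether accepted");
    }
}

// Harness playing the admin: calls each variant against the rejecting borrower
// with liqAmountToGetFromOtherChain == 0 and reports whether the call succeeded.
contract Demo {
    LiquidationRefund public target = new LiquidationRefund();
    RejectingBorrower public borrower = new RejectingBorrower();
    receive() external payable {} // the admin can accept the refund

    function run(string memory sig) internal returns (bool ok) {
        (ok, ) = address(target).call{value: msg.value}(
            abi.encodeWithSignature(sig, address(borrower), uint256(0)));
    }
    // Expected false: the borrower's receive() reverts and the liquidation reverts with it.
    function tryVulnerable() external payable returns (bool) {
        return run("liquidateVulnerable(address,uint256)");
    }
    // Expected true: the refund lands here regardless of the borrower's code.
    function tryFixed() external payable returns (bool) {
        return run("liquidateFixed(address,uint256)");
    }
}
```

Deploy Demo and call tryVulnerable and tryFixed with some Ether attached; the first returns false and the second true. Refunding to msg.sender keeps the transfer under the caller's control; a pull-based refund is an alternative if the caller may itself be a contract without a receive function.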
================================================================================

LINKS

*issue-links*