Submission Details
Severity: high
Valid

Lender.sol: Does not support Fee-on-Transfer tokens.

Summary

Lender.sol does not support Fee-on-Transfer tokens: its pool accounting credits the nominal transfer amount rather than the amount actually received, which makes the protocol unusable with such tokens.

Vulnerability Details

poolBalance is a critical variable: it represents the pool's lendable assets and is what the contract relies on when lending out funds. However, if loanToken is a fee-on-transfer token, poolBalance will differ from the number of tokens the contract actually holds.

    function addToPool(bytes32 poolId, uint256 amount) external {
        if (pools[poolId].lender != msg.sender) revert Unauthorized();
        if (amount == 0) revert PoolConfig();
        // poolBalance is credited with the full nominal amount before the transfer
        _updatePoolBalance(poolId, pools[poolId].poolBalance + amount);
        // transfer the loan tokens from the lender to the contract
        IERC20(pools[poolId].loanToken).transferFrom( //@audit fee-on-transfer: fewer than `amount` tokens arrive
            msg.sender,
            address(this),
            amount
        );
    }

addToPool credits poolBalance with amount and then pulls amount from the lender. With a fee-on-transfer loanToken, transferFrom deducts the fee in transit, so the contract receives less than amount while poolBalance still records the full amount. The recorded lendable balance therefore exceeds the tokens actually held. When borrowers draw against this pool, the shortfall is covered by tokens that belong to other pools in the same contract (any pool that uses the same loanToken), which can leave those pools insolvent.

Impact

Every deposit of a fee-on-transfer loanToken inflates poolBalance relative to the contract's real holdings. Borrows against the inflated figure are paid out of tokens belonging to other pools of the same token, so lenders in those pools can be left unable to withdraw. This can break the protocol for such tokens.

Tools Used

VS Code

Recommendations

Add the amount actually deposited to poolBalance: read the contract's balanceOf before and after the transferFrom and credit the difference rather than amount. Apply the same pattern to every other inbound transfer that updates a pool balance.
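The following is an added example, not code from Lender.sol or from the protocol's authors. It places the vulnerable shape of addToPool next to a hardened version that credits only the measured balance delta, and includes a constructed fee-on-transfer mock to exercise it. The struct layout, createPool helper, reentrancy guard, event, FeeOnTransferMock and all names other than those in the finding (pools, poolBalance, addToPool, Unauthorized, PoolConfig, _updatePoolBalance) are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the project's code. Struct layout, guard, event and the
// mock token are assumptions; only the names from the finding are reused.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Constructed mock (assumption): burns a 1% fee on every transferFrom.
contract FeeOnTransferMock is IERC20 {
    uint256 public constant FEE_BPS = 100; // 1%
    mapping(address => uint256) public override balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    constructor(uint256 supply) { balanceOf[msg.sender] = supply; }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external override returns (bool) {
        allowance[from][msg.sender] -= amount;
        balanceOf[from] -= amount;
        uint256 fee = amount * FEE_BPS / 10_000;
        balanceOf[to] += amount - fee; // the fee is burned in transit
        return true;
    }
}

contract LenderAccountingExample {
    struct Pool {
        address lender;
        address loanToken;
        uint256 poolBalance; // what the contract believes it holds for this pool
    }

    mapping(bytes32 => Pool) public pools;
    uint256 private _locked = 1;

    error Unauthorized();
    error PoolConfig();
    error Reentrancy();
    error NothingReceived();

    event PoolBalanceUpdated(bytes32 indexed poolId, uint256 newBalance);

    // A before/after balance delta can be gamed by a token with transfer hooks
    // (e.g. ERC777) that re-enters between the two reads, so guard the function.
    modifier nonReentrant() {
        if (_locked != 1) revert Reentrancy();
        _locked = 2;
        _;
        _locked = 1;
    }

    // Helper (assumption) so the example can register a pool for msg.sender.
    function createPool(bytes32 poolId, address loanToken) external {
        if (pools[poolId].lender != address(0)) revert PoolConfig();
        pools[poolId] = Pool({lender: msg.sender, loanToken: loanToken, poolBalance: 0});
    }

    // Vulnerable shape from the finding: credits `amount` before the transfer,
    // so with FeeOnTransferMock poolBalance ends up 1% above the real balance.
    function addToPoolUnsafe(bytes32 poolId, uint256 amount) external {
        if (pools[poolId].lender != msg.sender) revert Unauthorized();
        if (amount == 0) revert PoolConfig();
        _updatePoolBalance(poolId, pools[poolId].poolBalance + amount);
        IERC20(pools[poolId].loanToken).transferFrom(msg.sender, address(this), amount);
    }

    // Hardened: credit only what actually arrived, measured as the contract's
    // balance delta across the transfer. The delta also proves tokens moved,
    // so a token that returns true without transferring cannot inflate the pool.
    function addToPool(bytes32 poolId, uint256 amount) external nonReentrant {
        Pool storage pool = pools[poolId];
        if (pool.lender != msg.sender) revert Unauthorized();
        if (amount == 0) revert PoolConfig();

        IERC20 token = IERC20(pool.loanToken);
        uint256 before = token.balanceOf(address(this));
        token.transferFrom(msg.sender, address(this), amount);
        uint256 received = token.balanceOf(address(this)) - before;
        if (received == 0) revert NothingReceived();

        _updatePoolBalance(poolId, pool.poolBalance + received);
    }

    function _updatePoolBalance(bytes32 poolId, uint256 newBalance) internal {
        pools[poolId].poolBalance = newBalance;
        emit PoolBalanceUpdated(poolId, newBalance);
    }
}
```

Walking it through with the mock: a lender who approves and deposits 1,000 tokens through addToPoolUnsafe leaves poolBalance at 1,000 while the contract's balanceOf is 990; the same deposit through the hardened addToPool records 990, matching real holdings. The delta pattern is only sound if no other balance change of the same token can occur in the middle of the call, which is why the guard is there, and it must be applied to every inbound transfer that updates a pool balance, not just this one.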
