Beedle - Oracle free perpetual lending
BeedleFi
DeFiFoundry
20,000 USDC
View results
Previous Next
Submission Details
Severity: medium

Transaction may revert when a borrower refinances a loan

CircleLooper

Summary

Transaction may revert when a borrower refinances a loan.

Vulnerability Details

When a borrower refinances a loan, the borrower specifis new desired debt amount, protocol calculates the debtToPay and compares debtToPay with the new debt:

if (debtToPay > debt) {
// we owe more in debt so we need the borrower to give us more loan tokens
// transfer the loan tokens from the borrower to the contract
IERC20(loan.loanToken).transferFrom(
msg.sender,
address(this),
debtToPay - debt
);
} else if (debtToPay < debt) {
// we have excess loan tokens so we give some back to the borrower
// first we take our borrower fee
uint256 fee = (borrowerFee * (debt - debtToPay)) / 10000;
IERC20(loan.loanToken).transfer(feeReceiver, fee);
// transfer the loan tokens from the contract to the borrower
IERC20(loan.loanToken).transfer(msg.sender, debt - debtToPay - fee);
}

If debtToPay < debt, before sending back the excess loan tokens back to the borrower, protocol calculates the borrower fee:

uint256 fee = (borrowerFee * (debt - debtToPay)) / 10000;

Then sends fee to the fee receiver:

IERC20(loan.loanToken).transfer(feeReceiver, fee);

If debtToPay is very close to debt, fee will be 0, transaction will revert if the loanToken used in the contract is an unconventional token that reverts when attempting to transfer 0 tokens.

Impact

Refinance transaction reverts.

Tools Used

Manual Review

Recommendations

If the calculated fee amount is 0, skip transferring fee to the fee receiver.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.