20,000 USDC
Submission Details
Severity: medium
Valid

Malicious lenders can frontrun the `borrow` function to unexpectedly increase the interest rate

Summary

Malicious lenders can frontrun the `borrow` function (in Lender.sol) to increase the loan's interest rate to the maximum allowed value.

Vulnerability Details

A malicious lender establishes a lending pool and waits for a borrow transaction to be called on their pool, upon which they call updateInterestRate() with a high gas tip, updating their pool's interest rate to the maximum allowed value. As a result, the interest rate on the borrower's loan is the maximum possible interest rate instead of the expected interest rate. Note that malicious lenders can establish lending pools with very low interest rates to attract borrowers.

Impact

Borrowers who do not notice that their actual interest rate exceeds the expected interest rate will need to pay much more than expected. Furthermore, this greatly increases liquidation risk for victimized borrowers. After an affected loan has existed long enough for the repayment amount to increase substantially, it is likely that an auction of the loan will not succeed due to an unattractive loan-to-collateral ratio. If the auction of an affected loan fails, the malicious lender can liquidate the borrower. Borrower funds are at risk.

Tools Used

n/a

Recommendations

Do not allow lenders to update interest rates on existing pools.
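The following is an added illustration of the pattern described in Vulnerability Details and of the fix recommended above; it is not the audited Lender.sol and its contract names, struct layout and the `MAX_INTEREST_RATE` value are assumptions. The first contract shows the weak shape: the lender can change the pool rate at any time and `borrow` records whatever rate is in storage when it executes, so a rate update mined ahead of a pending `borrow` changes the loan's terms. The second contract removes the update path, as the recommendation says, and as an extra check lets the borrower state the rate they agreed to so that a stale quote reverts instead of silently becoming a worse loan.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Simplified illustration (not the audited Lender.sol): the lender can change
/// the pool rate at any time, and borrow() reads the rate at execution time.
/// Names, storage layout and the rate cap are assumptions.
contract VulnerablePools {
    struct Pool { address lender; uint256 interestRate; }
    struct Loan { address borrower; uint256 poolId; uint256 interestRate; }

    uint256 public constant MAX_INTEREST_RATE = 100_000; // assumed cap, in basis points
    Pool[] public pools;
    Loan[] public loans;

    function createPool(uint256 interestRate) external returns (uint256 poolId) {
        require(interestRate <= MAX_INTEREST_RATE, "rate too high");
        pools.push(Pool(msg.sender, interestRate));
        return pools.length - 1;
    }

    // The lender can move the rate up to the cap at any time, including in the
    // same block ahead of a pending borrow() that targets this pool.
    function updateInterestRate(uint256 poolId, uint256 newRate) external {
        require(pools[poolId].lender == msg.sender, "not lender");
        require(newRate <= MAX_INTEREST_RATE, "rate too high");
        pools[poolId].interestRate = newRate;
    }

    // The loan records the pool's rate at execution time, not the rate the
    // borrower saw when they signed the transaction.
    function borrow(uint256 poolId) external returns (uint256 loanId) {
        loans.push(Loan(msg.sender, poolId, pools[poolId].interestRate));
        return loans.length - 1;
    }
}

/// Hardened variant following the report's recommendation: the rate is fixed
/// at pool creation and there is no updateInterestRate(). As defence in depth,
/// borrow() also takes the rate the borrower agreed to and reverts if the
/// pool's rate is higher.
contract HardenedPools {
    struct Pool { address lender; uint256 interestRate; }
    struct Loan { address borrower; uint256 poolId; uint256 interestRate; }

    uint256 public constant MAX_INTEREST_RATE = 100_000; // assumed cap, in basis points
    Pool[] public pools;
    Loan[] public loans;

    error RateAboveAgreed(uint256 poolRate, uint256 agreedRate);

    function createPool(uint256 interestRate) external returns (uint256 poolId) {
        require(interestRate <= MAX_INTEREST_RATE, "rate too high");
        pools.push(Pool(msg.sender, interestRate));
        return pools.length - 1;
    }

    // No updateInterestRate(): a lender who wants different terms creates a new
    // pool, and loans already taken from this pool keep their recorded rate.

    function borrow(uint256 poolId, uint256 maxInterestRate) external returns (uint256 loanId) {
        uint256 rate = pools[poolId].interestRate;
        // Revert instead of accepting a rate the borrower never agreed to.
        if (rate > maxInterestRate) revert RateAboveAgreed(rate, maxInterestRate);
        loans.push(Loan(msg.sender, poolId, rate));
        return loans.length - 1;
    }
}
```

With the hardened contract, a front-end that quotes a pool's rate passes that same value as `maxInterestRate`; if the pool state differs from the quote when the transaction executes, the borrower gets a revert rather than a loan at an unexpected rate, and there is no lender-controlled path that can change the terms of a loan after it is recorded.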
