20,000 USDC
Submission Details
Severity: medium
Valid

Borrower may refinance loans to a pool with higher interest rate

Summary

Borrower may refinance loans to a pool with higher interest rate.

Vulnerability Details

The borrower calls the refinance(…) function to refinance a loan to a new offer. After refinancing, the loan is updated as follows:

loans[loanId].collateral = collateral;
// update loan interest rate
loans[loanId].interestRate = pool.interestRate;
// update loan start timestamp
loans[loanId].startTimestamp = block.timestamp;
// update loan auction start timestamp
loans[loanId].auctionStartTimestamp = type(uint256).max;
// update loan auction length
loans[loanId].auctionLength = pool.auctionLength;
// update loan lender
loans[loanId].lender = pool.lender;
// update pool balance
pools[poolId].poolBalance -= debt;

The problem is that this function does not check whether the pool has a higher interest rate than the original loan. Even if the borrower intended to refinance to a pool with a lower interest rate, the pool's interest rate may be updated to a higher rate before the borrower's transaction is executed.
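
The ordering problem described above, reduced to a minimal contract. This is an added example, not code from the audited protocol; the contract name, createPool, createLoan, setPoolRate, refinanceUnchecked, refinanceWithCap and the maxRate parameter are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Added illustration, not the audited contract: a reduced lending model
/// that keeps only the fields needed to show the ordering problem.
contract RefinanceOrdering {
    struct Pool { address lender; uint256 interestRate; }
    struct Loan { address borrower; uint256 interestRate; }

    error Unauthorized();
    error RateTooHigh(uint256 poolRate, uint256 maxRate);

    mapping(uint256 => Pool) public pools;
    mapping(uint256 => Loan) public loans;

    // Constructed setup helpers (hypothetical, for the example only).
    function createPool(uint256 poolId, uint256 rate) external {
        pools[poolId] = Pool(msg.sender, rate);
    }

    function createLoan(uint256 loanId, uint256 rate) external {
        loans[loanId] = Loan(msg.sender, rate);
    }

    // The lender can change the rate at any time, including in a
    // transaction ordered just before the borrower's refinance.
    function setPoolRate(uint256 poolId, uint256 newRate) external {
        if (pools[poolId].lender != msg.sender) revert Unauthorized();
        pools[poolId].interestRate = newRate;
    }

    // Behaviour described in the finding: the loan takes whatever rate
    // the pool has at execution time, not the rate the borrower saw.
    function refinanceUnchecked(uint256 loanId, uint256 poolId) external {
        if (loans[loanId].borrower != msg.sender) revert Unauthorized();
        loans[loanId].interestRate = pools[poolId].interestRate;
    }

    // The borrower states the highest rate they accept; a pool updated past
    // that bound makes the call revert and the loan keeps its old terms.
    function refinanceWithCap(uint256 loanId, uint256 poolId, uint256 maxRate) external {
        if (loans[loanId].borrower != msg.sender) revert Unauthorized();
        uint256 poolRate = pools[poolId].interestRate;
        if (poolRate > maxRate) revert RateTooHigh(poolRate, maxRate);
        loans[loanId].interestRate = poolRate;
    }
}
```

If setPoolRate executes between the borrower signing and the refinance being mined, refinanceUnchecked stores the new rate, while refinanceWithCap reverts with RateTooHigh.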

Impact

The borrower may end up with a loan at a higher interest rate than expected.

Tools Used

Manual Review

Recommendations

Add a check that reverts if the pool's interest rate is higher than the loan's.

function refinance(Refinance[] calldata refinances) public {
for (uint256 i = 0; i < refinances.length; i++) {
+ if (pool.interestRate > loan.interestRate) revert PoolConfig();
}
}
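
Review bot: the added check reads pool.interestRate and loan.interestRate, but neither pool nor loan is declared inside the loop as shown; both need to be looked up for refinances[i] before this line. Comparing against the loan's current rate also rejects every refinance to a higher rate, including a deliberate one; if that is not intended, consider letting the borrower pass a maximum acceptable rate and reverting when pool.interestRate exceeds it. PoolConfig() says little about why the call failed, so a dedicated error would make the revert easier to diagnose.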
