20,000 USDC
Submission Details
Severity: medium
Valid

The `borrow` and `refinance` functions can be front-run by the pool lender to set high interest rates

Summary

The pool's interestRate is copied into the loan without giving the borrower any way to specify a maximum acceptable value. This allows the pool lender to front-run a borrower's borrow or refinance call and raise the pool's interestRate to the highest permitted value, MAX_INTEREST_RATE, so the loan is created at that rate. The result is a far higher interest payment than the borrower expected.

Vulnerability Details

When a borrower calls borrow or refinance, the pool lender can front-run that transaction with a setPool call that changes the pool's interestRate to a value that is unfavorable for the borrower (up to MAX_INTEREST_RATE). The borrower's transaction then executes against the updated pool state and the loan receives the inflated rate, which leads to a very high interest payment when the interest is computed in _calculateInterest.

  • The borrow function assigns the pool.interestRate to the loan in L256

  • The refinance function updates the loan's auction length to the pool.interestRate in L688

Impact

Unnecessary and unexpected high interest rate for the borrower.

Tools Used

Manual Review

Recommendations

Consider allowing the borrower to define a maximum interest rate when borrowing or refinancing and validate if the pool fulfills this criterion.
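The following Solidity contract is an added illustration written for this report, not code from the audited protocol: it shows the unbounded pattern described above next to the recommended fix. The contract layout, the `Pool`/`Loan` structs, the `MAX_INTEREST_RATE` value and the pool-id scheme are constructed assumptions; only the idea of a borrower-supplied maximum checked against the pool's rate at execution time is taken from the recommendation.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Minimal model of a lender-controlled pool whose interestRate is copied into
/// every loan (constructed for illustration; not the audited contract).
contract BorrowRateBoundExample {
    // Assumed cap for the example; the real protocol's MAX_INTEREST_RATE may differ.
    uint256 public constant MAX_INTEREST_RATE = 100_000;

    struct Pool {
        address lender;
        uint256 interestRate;
    }

    struct Loan {
        address borrower;
        uint256 interestRate;
    }

    mapping(bytes32 => Pool) public pools;
    Loan[] public loans;

    // The lender may change the pool's rate at any time, including in a
    // transaction ordered just before a pending borrow() or refinance().
    function setPool(bytes32 poolId, uint256 interestRate) external {
        Pool storage p = pools[poolId];
        if (p.lender == address(0)) p.lender = msg.sender; // first caller creates the pool
        require(p.lender == msg.sender, "not lender");
        require(interestRate <= MAX_INTEREST_RATE, "rate too high");
        p.interestRate = interestRate;
    }

    // Unbounded pattern: whatever rate the pool holds when this executes is
    // assigned to the loan. The borrower has no way to reject a changed rate.
    function borrowUnbounded(bytes32 poolId) external returns (uint256 loanId) {
        Pool storage p = pools[poolId];
        loans.push(Loan({borrower: msg.sender, interestRate: p.interestRate}));
        return loans.length - 1;
    }

    // Recommended pattern: the borrower passes the worst rate they accept.
    // The check reads the pool's rate at execution time, so a setPool that
    // landed earlier in the block makes this transaction revert instead of
    // committing the borrower to an unexpected rate.
    function borrow(bytes32 poolId, uint256 maxInterestRate) external returns (uint256 loanId) {
        Pool storage p = pools[poolId];
        require(p.interestRate <= maxInterestRate, "rate exceeds borrower maximum");
        loans.push(Loan({borrower: msg.sender, interestRate: p.interestRate}));
        return loans.length - 1;
    }

    // The same bound applies wherever the loan's rate is overwritten, such as
    // on refinance.
    function refinance(uint256 loanId, bytes32 poolId, uint256 maxInterestRate) external {
        Loan storage l = loans[loanId];
        require(l.borrower == msg.sender, "not borrower");
        Pool storage p = pools[poolId];
        require(p.interestRate <= maxInterestRate, "rate exceeds borrower maximum");
        l.interestRate = p.interestRate;
    }
}
```

The borrower (or the front-end building the transaction) sets `maxInterestRate` to the rate that was quoted, optionally with a small tolerance. Because the comparison happens inside the borrower's own transaction against live storage, it is the only point at which the rate change can be detected; an off-chain check before submission cannot see a `setPool` that is ordered ahead of the borrow in the same block.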
