Beedle - Oracle free perpetual lending

BeedleFi

DeFiFoundry

20,000 USDC

View results

Previous Next

Submission Details

Severity: high

Valid

A malicious user can freeze all the auctioned loans.

0xsandy

Summary

The startAuction can be started by loan lender and any user can buy the loan using a poolId with enough balance and interest rate less than current auction rate but the loans can be compromised by using poolId that doesn't belong to the msg.sender calling the function.

Vulnerability Details

As in the buyLoan() there is no check to verify that poolId provided belongs to the msg.sender calling that function, A malicious user with no pools can use a poolId that doesn't belong to him but has enough poolBalance for loan and interestRate greater than currentAuctionRate calculated to acquire the loan and become the lender.

Impact

If a malicious user who may not have a pool or may have a pool with 0 outstanding loan and little pool balance becomes the lender of the loan, with poolId that doesn't belongs to him, it will cause the following issues:

The poolBalance of poolId that the malicious user provided is decreased and is lost forever.

https://github.com/Cyfrin/2023-07-beedle/blob/658e046bda8b010a5b82d2d85e824f3823602d27/src/Lender.sol#L489C1-L490C53

src/Lender.sol

489: _updatePoolBalance(poolId, pools[poolId].poolBalance - totalDebt);

490: pools[poolId].outstandingLoans += totalDebt;

The loan borrower can neither repay nor refinance his/her loan as poolId is obtained from:

poolId = keccak256(abi.encode(lender, loanToken, collateralToken));

the poolId of the malicious user wouldn't exist or if existed would not have enough outstanding loan and pool balance and revert because both repay() and refinance() decrease the poolBalance and outstandingLoands for the poolId of the lender:

_updatePoolBalance(poolId, pools[poolId].poolBalance + loan.debt + lenderInterest);

pools[poolId].outstandingLoans -= loan.debt;

If malicious user had a poolId, the outstandingLoan will be less than loan.debt which will surely revert with underflow and If malicious user didn't have a poolId, pools[poolId].outstandingLoans would also be 0, and it would also revert with underflow causing both refinance and repay to revert.

Loan also can't be seized as it also decreases the outstandingLoans of the poolId in the seizeLoan() which will surely revert:

pools[poolId].outstandingLoans -= loan.debt;

Hence, loan is stuck and freezed forever, meaning borrower won't be able to retrieve his/her collateral and the poolId which the malicious user provided will also lose poolBalance.

Tools Used

Manual Analysis

Recommendations

In the buyLoan() function, after loans[loanId].lender is updated to msg.sender i.e

https://github.com/Cyfrin/2023-07-beedle/blob/658e046bda8b010a5b82d2d85e824f3823602d27/src/Lender.sol#L518

Add the following check after the above line:

if (poolId != getPoolId(msg.sender, loan.loanToken, loan.collateralToken)) revert poolIdConfig();

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

706

28 USDC / LOC

High Medium

18,000 USDC

Low

2,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.