20,000 USDC
Submission Details
Severity: medium

Reentrancy vulnerability in Borrow Function

Summary

The borrow function in Lender.sol has a potential reentrancy vulnerability because it makes external calls (token transfers to other contracts) before it updates its own state variables, loans and pools.

Vulnerability Details

A reentrancy vulnerability occurs when a contract makes an external call before it has finished updating its own state, and the callee (or anything the callee calls) is able to invoke the contract again. The re-entered call then executes against stale state: checks that depend on the not-yet-updated variables pass a second time, even though the first call has already committed to acting on them. For a token transfer, this requires the token contract to hand control back to the caller, for example through transfer hooks or because the token address used by the pool is one the attacker chose; a plain token that returns without calling back gives no opportunity to re-enter.

The borrow function makes external calls to transfer tokens before updating the loans and pools state variables. The function updates the loans array by pushing a new Loan struct to it, and updates the pools mapping by modifying the poolBalance and outstandingLoans properties of the corresponding Pool.

Impact

An attacker who regains control during one of these transfers can call the borrow function again before loans and pools are updated, and each re-entered call passes the pool-balance check against the stale value. The attacker can therefore take out multiple loans against the same collateral and borrow more than the pool's accounting allows, potentially leading to a loss of funds for the contract.

Tools Used

Manual Review

Recommendations

Follow the checks-effects-interactions pattern in the borrow function: perform the balance checks, then update the loans and pools state variables, and only then call the token contracts. This removes the window in which a re-entered call can observe stale state.

Additionally, use a reentrancy guard modifier to prevent reentrant calls to the borrow function. The guard works by using a lock variable to record whether the function is currently executing. If the function is called again before the first call has completed, the lock causes the second call to revert.

The guard alone does not reorder the state updates; it only blocks the nested call. Combining it with checks-effects-interactions ensures that the state variables are updated before any external call is made and reduces the risk of unexpected behavior if a future change reintroduces an external call in the wrong place.
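The following is an added illustration for this submission, not the audited Lender.sol. It shows a borrow function with the interactions-before-effects ordering described under Vulnerability Details next to a hardened version that applies both recommendations. The Pool and Loan layouts, the borrow signature and the pool lookup by bytes32 id are assumptions chosen to mirror the description (a loans array and a pools mapping with poolBalance and outstandingLoans); only the ordering of state writes and external calls is the point.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the audited Lender.sol. Struct layouts and the
// borrow() signature are assumptions that mirror the submission's description.

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

abstract contract LenderStorage {
    struct Pool {
        address loanToken;
        address collateralToken;
        uint256 poolBalance;
        uint256 outstandingLoans;
    }
    struct Loan {
        address borrower;
        bytes32 poolId;
        uint256 debt;
        uint256 collateral;
    }
    mapping(bytes32 => Pool) public pools;
    Loan[] public loans;
}

// Interactions before effects: if either token transfer hands execution back
// to the borrower (a token with transfer hooks, or a pool whose token address
// is attacker-controlled), borrow() can be re-entered while poolBalance still
// holds its pre-loan value, so the liquidity check passes again.
contract VulnerableLender is LenderStorage {
    function borrow(bytes32 poolId, uint256 debt, uint256 collateral) external {
        Pool storage pool = pools[poolId];
        require(pool.poolBalance >= debt, "insufficient liquidity");

        IERC20(pool.collateralToken).transferFrom(msg.sender, address(this), collateral);
        IERC20(pool.loanToken).transfer(msg.sender, debt);

        // state written only after the external calls have returned
        pool.poolBalance -= debt;
        pool.outstandingLoans += debt;
        loans.push(Loan(msg.sender, poolId, debt, collateral));
    }
}

// Minimal lock of the kind the recommendation describes (same shape as
// OpenZeppelin's ReentrancyGuard; 1/2 rather than false/true avoids a
// zero-to-nonzero storage write on every call).
abstract contract ReentrancyGuard {
    uint256 private constant NOT_ENTERED = 1;
    uint256 private constant ENTERED = 2;
    uint256 private _status = NOT_ENTERED;

    modifier nonReentrant() {
        require(_status == NOT_ENTERED, "reentrant call");
        _status = ENTERED;
        _;
        _status = NOT_ENTERED;
    }
}

// Hardened: checks, then effects, then interactions, with the guard as a
// second line of defence. Transfer return values are also checked, since a
// token that returns false instead of reverting would otherwise leave a loan
// recorded with no funds moved.
contract HardenedLender is LenderStorage, ReentrancyGuard {
    function borrow(bytes32 poolId, uint256 debt, uint256 collateral) external nonReentrant {
        Pool storage pool = pools[poolId];
        require(pool.poolBalance >= debt, "insufficient liquidity");   // checks

        pool.poolBalance -= debt;                                       // effects
        pool.outstandingLoans += debt;
        loans.push(Loan(msg.sender, poolId, debt, collateral));

        require(                                                        // interactions
            IERC20(pool.collateralToken).transferFrom(msg.sender, address(this), collateral),
            "collateral transfer failed"
        );
        require(IERC20(pool.loanToken).transfer(msg.sender, debt), "loan transfer failed");
    }
}
```

In the hardened version a re-entered borrow from inside either transfer reverts at the nonReentrant check, and even if the guard were removed the nested call would see the already-decremented poolBalance and fail the liquidity check, which is why the ordering change is the primary fix and the guard the backstop.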
