Beedle - Oracle free perpetual lending

BeedleFi

DeFiFoundry

20,000 USDC

Submission Details

Severity: high

Possible Frontrunning with `loanId`

Here is a sample scenario

The pool contains three loans: loan 0 and loan 2 are owned by userA, and loan 1 is owned by userB.
UserB submits a transaction to repay their loan with loanId 1.
UserA, who is monitoring the blockchain, quickly sees userB's transaction and decides to take advantage of the situation.
UserA submits their transaction to repay their loan with loanId 0, using a higher gas price to prioritize their transaction over userB's.
Miners, who are motivated by higher gas fees, prioritize userA's transaction and execute it first.
As a result, loan 0 gets removed from the array, and now userB's loan (formerly at position 1) becomes loan 0 in the pool.
However, in userB's original transaction, they intended to repay loanId 1, which now corresponds to userA's loan. Therefore, userA's loan gets repaid, leaving userB's loan unaffected.
UserB's loan remains unpaid, and they end up inadvertently repaying userA's loan instead.

Total prize

20,000 USDC

nSLOC

706

28 USDC / LOC

High Medium

18,000 USDC

Low

2,000 USDC

The contest is live. Earn rewards by submitting a finding.

Submissions are being carefully reviewed by our judges.

This is your time to appeal against judgements on your submissions.

Appeals are being carefully reviewed by our judges.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.