Beedle - Oracle free perpetual lending

BeedleFi

DeFiFoundry

20,000 USDC

View results

Previous Next

Submission Details

Severity: high

Valid

Miscalculation in Loan Ratio Due to Decimal Ignorance

ubermensch

Summary

The issue is about a miscalculation in loan ratio due to decimal ignorance, has been identified where the calculation of the loan ratio does not take into account the decimal difference of the loan token and the collateral token.

Vulnerability Details

The vulnerability arises from the miscalculation in the loan ratio. The current calculation is: uint256 loanRatio = (debt * 10 ** 18) / collateral;. This calculation does not consider the decimal difference of the loan token and the collateral token, leading to potential inaccuracies in the loan ratio which can result in significant loss to the borrower or the lender depending the decimal of the two tokens.

Impact

This vulnerability can lead to significant inaccuracies in the calculation of the loan ratio, which can affect the fairness of the loan terms and potentially lead to financial losses for either the borrower or the lender.

Tools Used

Manual Review

Recommendations

To mitigate this vulnerability, it is recommended to revise the loan ratio calculation to take into account the decimals of the loan token and the collateral token.

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

706

28 USDC / LOC

High Medium

18,000 USDC

Low

2,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.