20,000 USDC
Submission Details
Severity: high

The borrower can call borrow again on the same loan causing the lender to lose their tokens

Summary

The borrower is able to deplete the lender's funds by reborrowing the same loan again and again in the right scenario, because there is no input validation in borrow() that checks whether the loan is already supplied with debt.

Vulnerability Details

Alice racks up 100 USDC in debt after 2 years of a loan, then we borrow again on the same loan terms, making debt = 2 USDC instead of the 100 we racked up.

We are getting rid of the interest: instead of paying the interest on the loan, we are paying the debt + collateral, which might be beneficial for the borrower but not for the protocol/lender, and it breaks the repayment system, including loss of funds.
Example:
Alice has a loan with a total of 1000 USDC (700 debt + 300 interest) and 800 USDC collateral.
Alice borrows again with 100 wei debt (or with the minLoanSize) and 300 wei collateral, and now the interest will be 0. Alice loses 100 collateral but doesn't pay 100 interest, and then only loses 400 wei; if they had repaid, they would have lost 1000 USDC. So this attack causes a loss for the lenders and the protocol, since no fee is taken. Alice does a synthetic repayment through borrow. The lender won't get their funds back and the collateral will be stuck in the contract when repaying with that small amount, causing the lender to lose all his tokens!

    function borrow(Borrow[] calldata borrows) public {
        for (uint256 i = 0; i < borrows.length; i++) {
            bytes32 poolId = borrows[i].poolId;
            uint256 debt = borrows[i].debt;
            uint256 collateral = borrows[i].collateral;
            // get the pool info
            Pool memory pool = pools[poolId];
            // ... (excerpt ends here)
        }
    }

Impact

Lenders can't get their funds back even if there is no profitable path for the borrower, which can cause the lender to lose their collateral/debt.

Tools Used

Recommendations

Have a check that the loan is already borrowed.
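A sketch of the recommended check, as an added example that is not the audited contract's code. It models accounting only (no token transfers) and assumes a hypothetical layout in which a loan is keyed by pool and borrower; the contract name, the `Loan` struct, the errors, the event and the constructed `RATE_BPS` value are all assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Added illustration only. Every name here is hypothetical, not the project's.
contract LoanGuardSketch {
    struct Loan {
        uint256 debt;       // principal owed
        uint256 collateral; // collateral posted
        uint256 startTime;  // interest accrues from here; 0 means no open loan
    }

    error LoanAlreadyOpen(bytes32 poolId, address borrower);
    error LoanNotOpen(bytes32 poolId, address borrower);
    event Repaid(bytes32 indexed poolId, address indexed borrower, uint256 owed);

    // Constructed value: 10% simple interest per year, in basis points.
    uint256 public constant RATE_BPS = 1000;

    mapping(bytes32 => mapping(address => Loan)) public loans;

    function borrow(bytes32 poolId, uint256 debt, uint256 collateral) external {
        Loan storage loan = loans[poolId][msg.sender];
        // The recommended check: refuse to overwrite a loan that already
        // carries debt, so a second borrow() cannot reset startTime and
        // discard the interest accrued so far.
        if (loan.startTime != 0) revert LoanAlreadyOpen(poolId, msg.sender);
        loans[poolId][msg.sender] = Loan(debt, collateral, block.timestamp);
    }

    // Principal plus interest accrued since the loan was opened.
    function amountOwed(bytes32 poolId, address borrower) public view returns (uint256) {
        Loan storage loan = loans[poolId][borrower];
        if (loan.startTime == 0) revert LoanNotOpen(poolId, borrower);
        uint256 elapsed = block.timestamp - loan.startTime;
        uint256 interest = (loan.debt * RATE_BPS * elapsed) / (10_000 * 365 days);
        return loan.debt + interest;
    }

    // The only path that clears a loan; it always settles the full amount owed.
    function repay(bytes32 poolId) external {
        uint256 owed = amountOwed(poolId, msg.sender);
        delete loans[poolId][msg.sender];
        emit Repaid(poolId, msg.sender, owed);
    }
}
```

With the guard in place, a second `borrow` on an open loan reverts, and interest can only be cleared through `repay`, which settles principal plus accrued interest.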
