20,000 USDC
Submission Details
Severity: medium
Valid

`giveLoan` doesn't check whether the loan is in an auction

Summary

No check that loan is in a refinancing state

Vulnerability Details

The borrower/lender can cheap out on the new lender that wants to take the loan and call `giveLoan` while an auction is happening, which should not be an allowed state.

```solidity
for (uint256 i = 0; i < loanIds.length; i++) {
    uint256 loanId = loanIds[i];
    bytes32 poolId = poolIds[i];
    // get the loan info
    Loan memory loan = loans[loanId];
    // validate the loan
    if (msg.sender != loan.lender) revert Unauthorized();
    // get the pool info
    Pool memory pool = pools[poolId];
    // validate the new loan
    if (pool.loanToken != loan.loanToken) revert TokenMismatch();
    if (pool.collateralToken != loan.collateralToken)
        revert TokenMismatch();
    // new interest rate cannot be higher than old interest rate
    if (pool.interestRate > loan.interestRate) revert RateTooHigh();
    // auction length cannot be shorter than old auction length
    if (pool.auctionLength < loan.auctionLength) revert AuctionTooShort();
    // calculate the interest
```

Impact

We can call this while the auction is happening, which will make the auction stop and revert, leaving the new lender no choice but to take on the loan.
The same thing happens in `refinance()`.

Tools Used

Recommendations

Add a variable that only allows certain lenders to give loans to certain lenders, or add a check that only allows the loan to be given when it is NOT in an auction, for example:

```solidity
require(auctionTimeStart == block.timestamp);
```
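A minimal sketch of the auction-state guard this finding asks for, as an added example that is not the audited contract's code. The `auctionStart` field, the `NO_AUCTION` sentinel, the `AuctionInProgress` error, the helper functions and the simplified `giveLoan(loanId, newLender)` signature are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Illustration only. Names other than lender, auctionLength, giveLoan
/// and Unauthorized are hypothetical and do not come from the report.
contract AuctionGuardExample {
    error Unauthorized();
    error AuctionInProgress();

    // Assumed sentinel meaning "no auction has been started for this loan".
    uint256 internal constant NO_AUCTION = type(uint256).max;

    struct Loan {
        address lender;
        uint256 auctionStart;  // assumed field; NO_AUCTION while idle
        uint256 auctionLength; // seconds
    }

    mapping(uint256 => Loan) public loans;

    function createLoan(uint256 loanId, uint256 auctionLength) external {
        if (loans[loanId].lender != address(0)) revert Unauthorized();
        loans[loanId] = Loan(msg.sender, NO_AUCTION, auctionLength);
    }

    function startAuction(uint256 loanId) external {
        Loan storage loan = loans[loanId];
        if (msg.sender != loan.lender) revert Unauthorized();
        if (auctionActive(loanId)) revert AuctionInProgress();
        loan.auctionStart = block.timestamp;
    }

    // True from the moment the auction starts until its length has elapsed.
    function auctionActive(uint256 loanId) public view returns (bool) {
        Loan storage loan = loans[loanId];
        return loan.auctionStart != NO_AUCTION
            && block.timestamp < loan.auctionStart + loan.auctionLength;
    }

    function giveLoan(uint256 loanId, address newLender) external {
        Loan storage loan = loans[loanId];
        if (msg.sender != loan.lender) revert Unauthorized();
        // The check the finding reports as missing: no hand-off mid-auction.
        if (auctionActive(loanId)) revert AuctionInProgress();
        loan.lender = newLender;
        loan.auctionStart = NO_AUCTION; // loan leaves any expired auction state
    }
}
```

The same `auctionActive` guard would sit at the top of a `refinance()` path, since the report notes that function has the same gap.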
