Submission Details
Severity: medium

Incorrect calculation of interest on borrowed loans, and the borrower call running out of gas.

Summary

Interest is calculated from the number of seconds the borrower holds the loan, but the loan is constructed before the amount is transferred to the borrower. As a result, startTimestamp is set before the borrower actually receives the funds. Moreover, external calls take a long time on average, which can lead to incorrect interest calculations. Attackers can exploit this by using loops to increase the waiting time, potentially resulting in higher interest costs for borrowers.

Vulnerability Details

The vulnerability arises due to the timing mismatch between the startTimestamp and the actual loan disbursement to the borrower.
The loan record is constructed at https://github.com/Cyfrin/2023-07-beedle/blob/658e046bda8b010a5b82d2d85e824f3823602d27/src/Lender.sol#L249-L260, while the actual transfer happens at https://github.com/Cyfrin/2023-07-beedle/blob/658e046bda8b010a5b82d2d85e824f3823602d27/src/Lender.sol#L269. This can lead to an inaccurate interest calculation, causing borrowers to pay more than the expected interest. On Ethereum, any transaction, internal or not, takes some time. Also, as I said before in another finding, the loanToken and collateral token are set by the lender only; they can be a malicious contract that delays transfers.

Impact

Higher Interest Costs

Tools Used

Recommendations

Reevaluate the interest calculation mechanism to ensure that it accurately reflects the actual loan disbursement time, or create the loan record only after a successful transfer.
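The following is an added illustration, not code from the Beedle repository or from the original submission. It places the two orderings discussed in the Vulnerability Details and Recommendations side by side: a lender that stores the loan record (with its startTimestamp) and only then transfers the tokens, and a lender that performs the transfer, confirms the borrower actually received the requested amount, and only then records the loan. The IERC20 interface, the Loan struct, the basis-point interest formula, and the balance-delta check are simplifying assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Minimal token interface assumed for the example (transfer + balanceOf only).
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function balanceOf(address account) external view returns (uint256);
}

// Simplified loan record; field set and units are assumptions for this example.
struct Loan {
    address borrower;
    address loanToken;
    uint256 debt;
    uint256 interestRate;   // basis points per year (assumed unit)
    uint256 startTimestamp; // moment from which interest accrues
}

// Ordering the report flags: the record (and its startTimestamp) is written
// before the external token call that hands the funds to the borrower.
contract LenderRecordThenTransfer {
    Loan[] public loans;

    function borrow(address loanToken, uint256 debt, uint256 interestRate)
        external
        returns (uint256 loanId)
    {
        loans.push(Loan({
            borrower: msg.sender,
            loanToken: loanToken,
            debt: debt,
            interestRate: interestRate,
            startTimestamp: block.timestamp
        }));
        loanId = loans.length - 1;
        // External call to a token contract chosen by the lender happens last.
        IERC20(loanToken).transfer(msg.sender, debt);
    }
}

// Ordering the report recommends: transfer first, verify the transfer actually
// delivered the funds, then create the loan record.
contract LenderTransferThenRecord {
    Loan[] public loans;

    function borrow(address loanToken, uint256 debt, uint256 interestRate)
        external
        returns (uint256 loanId)
    {
        IERC20 token = IERC20(loanToken);
        uint256 balanceBefore = token.balanceOf(msg.sender);
        require(token.transfer(msg.sender, debt), "transfer returned false");
        // A lender-supplied token may be non-standard or malicious; do not trust
        // the boolean alone, confirm the requested amount really arrived.
        require(
            token.balanceOf(msg.sender) - balanceBefore == debt,
            "borrower did not receive the full amount"
        );

        // Only a successfully disbursed loan gets a record and a start time.
        loans.push(Loan({
            borrower: msg.sender,
            loanToken: loanToken,
            debt: debt,
            interestRate: interestRate,
            startTimestamp: block.timestamp
        }));
        loanId = loans.length - 1;
    }

    // Interest accrued so far, using the assumed basis-point-per-year formula.
    function interestOwed(uint256 loanId) external view returns (uint256) {
        Loan storage l = loans[loanId];
        uint256 elapsed = block.timestamp - l.startTimestamp;
        return (l.debt * l.interestRate * elapsed) / 10000 / 365 days;
    }
}
```

The second contract also makes the "successful transfer" condition from the recommendation explicit: if the token returns false, reverts, or moves less than the requested amount, no loan record is created and no interest can start accruing against the borrower.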
