20,000 USDC
Submission Details
Severity: high
Valid

Inaccurate accounting in giveLoan leads to loss of funds for user.

Summary

In Lender.sol the giveLoan function accounts for the user's debt wrongly.

Vulnerability Details

The giveLoan function transfers a loan to another pool. Before the transfer, the lenderInterest and protocolInterest accumulated on the loan are accounted for and added to the totalDebt variable. The issue is that when the loan is transferred to the new pool, the new debt amount is set to totalDebt instead of the user's original debt.
The loan's interest is calculated only over the time the loan has been active, so once lenderInterest and protocolInterest have been accounted for and transferred in the old pool, they should not be relevant to the debt in the new pool.
Currently, when a loan is given to another pool, the loan's interest is paid to the old pool, and then that same interest is added to the user's debt in the new pool. This forces the user's debt and loan interest to increase in the new pool, although they should stay the same.

loans[loanId].debt = totalDebt;

Impact

The inaccurate accounting leads to a loss of funds for the user.

Tools Used

Manual review

Recommendations

Use debt instead of totalDebt when giving a loan to a new pool.
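The effect described in this report, as an added numeric model (not code from Lender.sol or from the report's author). It assumes simple annual interest in basis points and a protocol fee taken as a share of that interest; the names Loan, accrued_interest, give_loan, owed_at and compare are hypothetical.

```python
from dataclasses import dataclass

YEAR = 365 * 24 * 3600   # seconds
BPS = 10_000

@dataclass
class Loan:
    debt: int       # amount the borrower owes before new interest
    rate_bps: int   # annual rate (assumption: simple interest)
    start: int      # timestamp from which interest accrues

def accrued_interest(loan, now, fee_bps):
    """Return (lender_interest, protocol_interest) accrued since loan.start."""
    interest = loan.debt * loan.rate_bps * (now - loan.start) // (BPS * YEAR)
    protocol = interest * fee_bps // BPS   # assumption: fee is a cut of interest
    return interest - protocol, protocol

def give_loan(loan, now, fee_bps, use_total_debt):
    """Move the loan to a new pool at `now`; return (new_loan, interest_settled).

    use_total_debt=True mirrors `loans[loanId].debt = totalDebt;`
    use_total_debt=False applies the recommendation and keeps `debt`.
    """
    lender_i, protocol_i = accrued_interest(loan, now, fee_bps)
    total_debt = loan.debt + lender_i + protocol_i
    # Per the report, this interest is settled with the old pool at transfer.
    new_debt = total_debt if use_total_debt else loan.debt
    return Loan(new_debt, loan.rate_bps, now), lender_i + protocol_i

def owed_at(loan, now, fee_bps):
    """Debt plus interest accrued in the current pool up to `now`."""
    lender_i, protocol_i = accrued_interest(loan, now, fee_bps)
    return loan.debt + lender_i + protocol_i

def compare(principal=1_000_000, rate_bps=1_000, fee_bps=1_000):
    """Constructed scenario: 10% loan moved to a new pool after half a year."""
    loan = Loan(principal, rate_bps, start=0)
    buggy, settled = give_loan(loan, YEAR // 2, fee_bps, use_total_debt=True)
    fixed, _ = give_loan(loan, YEAR // 2, fee_bps, use_total_debt=False)
    return {
        "interest_settled_at_transfer": settled,
        "buggy_debt": buggy.debt,
        "fixed_debt": fixed.debt,
        "buggy_owed_at_year_end": owed_at(buggy, YEAR, fee_bps),
        "fixed_owed_at_year_end": owed_at(fixed, YEAR, fee_bps),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```

In this scenario the interest settled at transfer reappears as principal in the new pool and then accrues interest itself, which is the increase in debt and loan interest the report describes.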
