Submission Details
Severity:
Operator can force a lender to buy his loan via `buyLoan()`
Summary
An operator takes out a loan and then sends it into an auction. He then buys the loan through the buyLoan() but uses another lenders poolId.
Note: Operator has to make sure the pools interest rate is less than or equal to the currentAuctionRate
Vulnerability Details
Operator gives himself a loan
Operator sends loan into auction
Operator buys loan via buyLoan using another lenders poolId.
Impact
Operator can force a lender to buy his loan
Tools Used
manual
Recommendations
Check that msg.sender is lender for poolId provided.
Prize pool breakdown
Total prize
20,000 USDC
nSLOC
70628 USDC / LOC
18,000 USDC
2,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.