Any lender can drain the contract
Summary
Any lender can drain the contract, or at least mess up the accounting with the the help of seizeLoan
Vulnerability Details
Due to seizeLoan doing 2 transfers, before doing any updates to the loan, it is possible for a malicious lender to reenter and cause some harm to the protocol.
Pools can be made with any token (even malicious one) meaning sooner or later a ERC777 token (or any token that has before/after transfer hook) will be used. Any lender who has a pool with such token as collateral will be able to reenter seizeLoan dues to it's code not following "checks-effects-interactions" pattern.
From the code snippet above we can see that a transfer is made before any changes on the loan is done. So a malicious lender needs to call this function again with the same parameters and score a double payout, or even call it many times in a row for increased profits.
Example scenario:
| Preconditions | values |
|---|---|
| Loan tokenA : tokenB Collateral | ERC20 : ERC777 |
| Pool size | 10 000 |
| max LTV | 50% |
| Borrower count | 8 |
| tokenA left | 2 000 |
| tokenB in | 16 000 |
| Borrow amount to be seized | 1 000 |
Now one of the borrowers is insolvent so the pool owner (must be a contract) starts an auction and afterwards calls seizeLoan. Now this transfer will trigger his tokensReceived function in his smart contract, from where tokensReceived will call multiple times seizeLoan, gaining 1000 collateral tokens with every call, and because the loan is modified after the transfer he would be able to successfully extract as much collateral tokens from the contract as he wants.
Impact
Lender would be able to drain the contract
Tools Used
Manual review
Recommendations
Save the amounts, then delete/update the loan and then transfer.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.