Beedle - Oracle free perpetual lending

Summary

Because setPool does a transfer before configuring the pool it is possible for anyone to re-enter and drain the contract.

Vulnerability Details

From the beetle we can see that Lenders make pool that borrowers borrow from, but all tokens are stored in one shared contract - Lender. Now if any of the lenders makes a pool with an ERC777 token (or any other token with a hook) other Users will be able to drain this pool and steal all of the tokens. This is all possible because setPool does this transfer before setting the storage of a given pool.

How to re-enter:
There are 2 pools A : B and C : D where one of the two tokens is re-enterable.

Steal from A : B

1. Create a pool A : B with 1000 of tokenA

2. Call setPool on that pool, only changing the loan amount from 1000 to 500

3. This transfer will trigger and transfer 500 tokens to your contract from where you will re-enter 5000 / 500 = 10 times

4. Withdraw your initial 1000 loan tokens

Steal from C : D

1. Make a pool with D as loan token (the re-enter "hack" only steals loan tokens) with again 1000 tokenD

2. Call setPool on that pool, only changing the loan amount from 1000 to 500

3. This transfer will trigger and transfer 500 tokens to your contract from where you will re-enter 3000 / 500 = 6 times

4. Withdraw your initial 1000 loan tokens

Impact

Any user can drain every ERC777 token from the contract.

Tools Used

Manual review.

Recommendations

Either prohibit ERC777 tokens, by having whitelist on allowed tokens, or use ReentrancyGuard by OZ.