Borrowers can take out token loans and repay them at nearly zero interest and 0 percent fees in certain scenarios.
block.timestamp manipulation can aid in this.
When a user wants to repay a loan, the contract calls the _calculateInterest function to calculate the accrued interest and the fees that the user has to pay.
Unfortunately, the calculation uses block.timestamp at its core, which can be manipulated by a clever borrower who's also a miner.
He can manipulate it in such a way that the interest and fee approach zero.
This lets the borrower repay loans with zero interest and zero fees, which is not intended.
Here are some failure cases based on different values of the variables:
| No. | Loan.InterestRate | Loan.startTimeStamp | Loan.debt | block.timestamp |
|---|---|---|---|---|
| 1 | 2419 | 972 | 5332 | 6290 |
| 2 | 1698 | 4788 | 4 | 12906 |
| 3 | 597 | 13453 | 105151829 | 14137 |
-> Loss of funds for the protocol
-> Disruption of the protocol's internal accounting and normal functioning
Foundry, manual review and some brain
There should be invariant checks that the interest and fee are greater than zero; otherwise the transaction should revert.
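The recommended invariant, modelled in Python over the three table rows as an added example; it is not the protocol's code. The page does not show the body of _calculateInterest, so the formula (basis-point rate, linear over `365 days`, truncating division) and the 50 bps `LENDER_FEE_BPS` are assumptions.

```python
"""Model of an assumed _calculateInterest with Solidity-style floor division."""

YEAR = 365 * 24 * 60 * 60   # Solidity's `365 days`
BPS = 10_000                # assumed basis-point denominator
LENDER_FEE_BPS = 50         # assumed protocol fee rate; not stated on the page


class Revert(Exception):
    """Stands in for an EVM revert."""


def calculate_interest(rate_bps, start_ts, debt, now_ts):
    """Return (interest, fee) using uint-style truncating division."""
    if now_ts < start_ts:
        raise Revert("timestamp before loan start")  # uint underflow in Solidity >= 0.8
    elapsed = now_ts - start_ts
    gross = rate_bps * debt * elapsed // BPS // YEAR
    fee = LENDER_FEE_BPS * gross // BPS
    return gross - fee, fee


def calculate_interest_checked(rate_bps, start_ts, debt, now_ts):
    """Recommended invariant: revert instead of settling at zero interest or fee."""
    interest, fee = calculate_interest(rate_bps, start_ts, debt, now_ts)
    if interest == 0 or fee == 0:
        raise Revert("zero interest or fee")
    return interest, fee


# Rows from the table above: (InterestRate, startTimeStamp, debt, block.timestamp)
TABLE_ROWS = [
    (2419, 972, 5332, 6290),
    (1698, 4788, 4, 12906),
    (597, 13453, 105151829, 14137),
]


def guard_trips(row):
    """True when the checked variant reverts for this row."""
    try:
        calculate_interest_checked(*row)
    except Revert:
        return True
    return False


if __name__ == "__main__":
    for row in TABLE_ROWS:
        print(row, calculate_interest(*row), "reverts:", guard_trips(row))
```

A guard like this also blocks repayment of small or very young loans whose interest legitimately truncates to zero, so it needs to be paired with a minimum loan size or duration.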