Beedle - Oracle free perpetual lending

BeedleFi

DeFiFoundry

20,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Malicious lender can lock borrowers' funds forever

Phantasmagoria

Summary

Malicious lender can lock borrowers' funds forever by changing the collateral token

Vulnerability Details

If we take a look at the setPool() function, we'll notice that this function allows lenders to change the collateral token. However, doing so can make the borrower unable to repay their debt.

The repay function includes a call to getPoolId(), which generates a distinct hash value. Subsequently, the variable 'poolId' is assigned this hash, referring to a different pool. As the 'poolId' now points to another pool, the 'outstandingLoans' associated with this pool would be zero. Consequently, the attempt to execute the transaction would fail due to an underflow condition when the following operation is performed

Impact

Borrower may be unable to repay their debt

Tools Used

Manual Review

Recommendations

Restrict lender from changing a collateral token

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

706

28 USDC / LOC

High Medium

18,000 USDC

Low

2,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.