Submission Details
Severity: medium

Loan auction length is not updated properly

Summary

A lender can give away their loan at any point, as long as the pool they are giving it to offers the same or better terms. However, in the implementation, the loan's auction length is not updated to match the pool that the loan is given to. The same issue occurs in the loan-buying logic.

Vulnerability Details

https://github.com/Cyfrin/2023-07-beedle/blob/658e046bda8b010a5b82d2d85e824f3823602d27/src/Lender.sol#L416-L420
https://github.com/Cyfrin/2023-07-beedle/blob/658e046bda8b010a5b82d2d85e824f3823602d27/src/Lender.sol#L518-L522
At the very end of the giveLoan and buyLoan functions, the loan info is updated but the auction length is not.

Impact

For the loan-giving logic: the loan gets seized earlier than expected.

For the loan-buying logic: the loan's auction duration is not synced with the new pool's configuration.

Tools Used

Manual

Recommendations

Update loan auction length: loans[loanId].auctionLength = pool.auctionLength
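
The stale field and the recommended assignment, shown in a simplified model added here for illustration; it is not the Beedle Lender contract. Apart from giveLoan, loans[loanId].auctionLength and pool.auctionLength, every name, the "same or better terms" checks and the seizure rule are assumptions of the model.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Simplified model for illustration; not the project's code.
contract AuctionLengthModel {
    struct Pool { address lender; uint256 interestRate; uint256 auctionLength; }
    struct Loan {
        address lender;
        uint256 interestRate;
        uint256 auctionStartTimestamp;
        uint256 auctionLength;
    }

    mapping(bytes32 => Pool) public pools;
    Loan[] public loans;

    function setPool(bytes32 poolId, uint256 rate, uint256 auctionLength) external {
        pools[poolId] = Pool(msg.sender, rate, auctionLength);
    }

    function openLoan(bytes32 poolId) external returns (uint256 loanId) {
        Pool memory pool = pools[poolId];
        loans.push(Loan(pool.lender, pool.interestRate, type(uint256).max, pool.auctionLength));
        return loans.length - 1;
    }

    // Moves the loan to a new pool. With syncAuctionLength == false the terms
    // are copied but auctionLength keeps the old pool's value (reported behaviour).
    function giveLoan(uint256 loanId, bytes32 poolId, bool syncAuctionLength) external {
        Pool memory pool = pools[poolId];
        require(loans[loanId].lender == msg.sender, "not lender");
        // Assumed reading of "same or better terms".
        require(pool.interestRate <= loans[loanId].interestRate, "rate too high");
        require(pool.auctionLength >= loans[loanId].auctionLength, "auction too short");
        loans[loanId].lender = pool.lender;
        loans[loanId].interestRate = pool.interestRate;
        loans[loanId].auctionStartTimestamp = type(uint256).max;
        // Recommended fix: sync the auction length with the receiving pool.
        if (syncAuctionLength) loans[loanId].auctionLength = pool.auctionLength;
    }

    // Earliest seizure time if the new lender starts an auction now
    // (assumed rule: auction start + loan.auctionLength).
    function earliestSeizure(uint256 loanId) external view returns (uint256) {
        return block.timestamp + loans[loanId].auctionLength;
    }
}
```

With constructed values of a 1-day auction on the original pool and 3 days on the receiving pool, calling giveLoan with syncAuctionLength set to false leaves earliestSeizure at now + 1 day, while true moves it to now + 3 days.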
