Loan struct missing loanId
Summary
Loan struct missing loanId
Vulnerability Details
Structs.sol line 34 Loans struct does not store the loanId
struct Loan {
/// @notice address of the lender
address lender;
/// @notice address of the borrower
address borrower;
/// @notice address of the loan token
address loanToken;
/// @notice address of the collateral token
address collateralToken;
/// @notice the amount borrowed
uint256 debt;
/// @notice the amount of collateral locked in the loan
uint256 collateral;
/// @notice the interest rate of the loan per second (in debt tokens)
uint256 interestRate;
/// @notice the timestamp of the loan start
uint256 startTimestamp;
/// @notice the timestamp of a refinance auction start
uint256 auctionStartTimestamp;
/// @notice the refinance auction length
uint256 auctionLength;
}
The loanId is implied as the position zero indexed in the array of loans Lender.sol lines 71
This makes the code confusing, inconsistent and may affect usability in functions such as repay when one needs the loanIds
Impact
Informational: It affects code quality and readability and maintainability of code and data access patterns. It also affects usability and borrower may expect that each lawn struct in array of loans specifically has a loanId, when in fact loanId is the position in the Loan[] public loans array. What makes it more inconsistent is that the Refinance Struct in Lender.sol line 59 stores a loanId
struct Refinance {
/// @notice the loan ID to refinance
uint256 loanId;
/// @notice the pool ID to refinance to
bytes32 poolId;
/// @notice the new desired debt amount
uint256 debt;
/// @notice the new desired collateral amount
uint256 collateral;
}
Tools Used
Manual Analysis
Recommendations
Add loanId to the following Loan Struct
struct Loan {
/// @notice id of the loan
uint256 loadId;
/// @notice address of the lender
address lender;
/// @notice address of the borrower
address borrower;
/// @notice address of the loan token
address loanToken;
/// @notice address of the collateral token
address collateralToken;
/// @notice the amount borrowed
uint256 debt;
/// @notice the amount of collateral locked in the loan
uint256 collateral;
/// @notice the interest rate of the loan per second (in debt tokens)
uint256 interestRate;
/// @notice the timestamp of the loan start
uint256 startTimestamp;
/// @notice the timestamp of a refinance auction start
uint256 auctionStartTimestamp;
/// @notice the refinance auction length
uint256 auctionLength;
}
The loanId can simply be the index i from looping the calldata borrows e.g 0,1,2 which it is currently but this is not clear and not captured in the Loan struct
Alternatively it can be in similar strategy to the poolId of hashing index i,and some loan info to get unique value
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.