20,000 USDC
Submission Details
Severity: low
Valid

User can prevent pool owner from changing minLoanSize value and auctionLength

Summary

An adversary can prevent the pool owner from changing the minLoanSize and auctionLength values.

Vulnerability Details

As there isn't a separate function to change the values of minLoanSize and auctionLength, pool owners have to use setPool to do so. The problem is that there is the following check:

    if (p.outstandingLoans != pools[poolId].outstandingLoans)
        revert PoolConfig();

While this makes sure the accounting is correct, it opens up an attack vector. Since setPool is the only way to change the values of minLoanSize and auctionLength, a malicious user can monitor the mempool for such transactions and front-run them with a borrow or repay that changes the value of outstandingLoans, which causes the owner's transaction to revert. Because the attacker can repay the loan immediately afterwards, the interest accumulated will be negligible. Furthermore, this issue could occur without any malicious actor: if there is high activity in a certain pool, it might be close to impossible to change the values of minLoanSize and auctionLength.

Impact

Pool owners being unable to change the values of minLoanSize and auctionLength

Tools Used

Manual review

Recommendations

Make separate functions for changing the values of minLoanSize and auctionLength.
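
One possible shape for the recommended setters, as an added sketch rather than the audited project's code. The contract name, the lender field, the Unauthorized error, the createPool helper, the event and the zero-length check are assumptions made for illustration; only minLoanSize, auctionLength, outstandingLoans, pools and PoolConfig come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Added example: simplified stand-in for the lending contract, not the audited code.
contract PoolParamsSketch {
    struct Pool {
        address lender;           // assumed field: the pool owner
        uint256 minLoanSize;
        uint256 auctionLength;
        uint256 outstandingLoans; // moves on every borrow/repay
    }

    error Unauthorized(); // assumed error name
    error PoolConfig();   // error named in the finding

    mapping(bytes32 => Pool) public pools;

    event PoolParamsUpdated(bytes32 indexed poolId, uint256 minLoanSize, uint256 auctionLength);

    /// Hypothetical helper so the sketch can be exercised: the caller becomes the lender.
    function createPool(bytes32 poolId, uint256 minLoanSize, uint256 auctionLength) external {
        if (pools[poolId].lender != address(0)) revert PoolConfig();
        pools[poolId] = Pool(msg.sender, minLoanSize, auctionLength, 0);
    }

    /// Writes only the targeted field. outstandingLoans is never read or compared,
    /// so a borrow/repay mined just before this call cannot make it revert.
    function setMinLoanSize(bytes32 poolId, uint256 newMinLoanSize) external {
        Pool storage pool = pools[poolId];
        if (pool.lender != msg.sender) revert Unauthorized();
        pool.minLoanSize = newMinLoanSize;
        emit PoolParamsUpdated(poolId, newMinLoanSize, pool.auctionLength);
    }

    /// Same pattern for auctionLength, with an assumed sanity check on the new value.
    function setAuctionLength(bytes32 poolId, uint256 newAuctionLength) external {
        Pool storage pool = pools[poolId];
        if (pool.lender != msg.sender) revert Unauthorized();
        if (newAuctionLength == 0) revert PoolConfig(); // assumed bound, not from the finding
        pool.auctionLength = newAuctionLength;
        emit PoolParamsUpdated(poolId, pool.minLoanSize, newAuctionLength);
    }
}
```

Because neither setter takes outstandingLoans as an input, the owner's transaction carries no state snapshot that other users' activity can invalidate.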
