Submission Details
Severity: high
Invalid

The flash Loan contract does NOT transfer back the tokens

Summary

The flash loan contract does not transfer back the tokens from the borrower itself but instead relies on the borrower to do so.

Vulnerability Details

This allows 'side entrancy' attacks, because the flashloan contract is not the one to transfer the tokens back before checking its own token balance. The borrower can deposit the tokens to the contract instead of paying back the flash loan. flashloan() does not revert, as endingBalance is calculated using the contract's token balance (which has increased back to its pre-flash-loan value due to the borrower depositing the lent tokens). The borrower has now become a lender with a large deposit (that can be redeemed).

Impact

Enables funds to be stolen from the contract through flash loans that are not paid back properly. Very likely to occur.

Tools Used

Recommendations

Ensure that the flashloan contract (lender) is the one that transfers the tokens back from the borrower [require(IERC20(token).transferFrom()...)]; the borrower must approve the flashloan contract to take these tokens back.

Or, similar to UniswapV2, use a reentrancy lock to ensure the borrower cannot fulfill the flash loan repayment by depositing the tokens to the contract.
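A minimal lender with both recommendations applied, added here as an example and not taken from the audited contract. The contract name, deposit(), onFlashLoan() and the deposits mapping are assumptions, and the token is assumed to return a bool from its transfer calls.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration. Only flashloan() and endingBalance are named on the
// page; every other identifier here is hypothetical.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

interface IBorrower {
    function onFlashLoan(address token, uint256 amount) external;
}

contract HardenedLender {
    IERC20 public immutable token;
    mapping(address => uint256) public deposits;
    bool private locked;

    constructor(IERC20 _token) { token = _token; }

    // One lock shared by deposit() and flashloan(): a deposit made from
    // inside the loan callback reverts instead of counting as repayment.
    modifier nonReentrant() {
        require(!locked, "reentrancy");
        locked = true;
        _;
        locked = false;
    }

    function deposit(uint256 amount) external nonReentrant {
        require(token.transferFrom(msg.sender, address(this), amount), "deposit failed");
        deposits[msg.sender] += amount;
    }

    function flashloan(address borrower, uint256 amount) external nonReentrant {
        uint256 startingBalance = token.balanceOf(address(this));
        require(token.transfer(borrower, amount), "loan failed");
        IBorrower(borrower).onFlashLoan(address(token), amount);

        // The lender pulls the repayment itself; the borrower must have
        // approved this contract for `amount` during the callback.
        require(token.transferFrom(borrower, address(this), amount), "repay failed");

        uint256 endingBalance = token.balanceOf(address(this));
        require(endingBalance >= startingBalance, "not repaid");
    }
}
```

Either measure is sufficient on its own: with the pull-based repayment, tokens deposited during the callback no longer stand in for the loan, and with the shared lock the deposit cannot happen inside the callback at all.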

Updates

Lead Judging Commences

0xnevi Lead Judge
over 1 year ago
Submission Judgement Published
Invalidated
Reason: Vague generalities
