Wrong Repay Amount Cap
Summary
In LendingPool.sol the repayment amount is incorrectly capped at userScaledDebt instead of userDebt, leading to potential inaccuracies in the repayment process.
Vulnerability Details
The vulnerability occurs in the _repay function where the actualRepayAmount is calculated. The current implementation caps actualRepayAmount at userScaledDebt, which is the user's debt scaled by the reserve's usage index. However, the correct value to cap the repayment amount should be userDebt, which represents the actual debt the user owes. This discrepancy leads to incorrect repayment amounts being processed.
Impact
By capping the repayment amount at userScaledDebt instead of userDebt, the contract processes incorrect repayment amounts. This results in users either overpaying or underpaying their debt, leading to potential financial discrepancies and losses for the lending pool.
Tools Used
Manual Review
Recommendations
To mitigate this vulnerability, update the _repay function to cap the actualRepayAmount at userDebt instead of userScaledDebt. This ensures that the correct repayment amount is processed, preventing potential overpayment or underpayment issues.
Lead Judging Commences
LendingPool::_repay caps actualRepayAmount at userScaledDebt instead of userDebt, preventing users from repaying full debt with interest in one transaction
That amount is not actually used.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.