Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Valid

Wrong Repay Amount

Summary

In LendingPool.sol the repayment process should use actualRepayAmount instead of amount to ensure accurate debt repayment.

Vulnerability Details

The vulnerability occurs in the _repay function where the repayment amount is processed. The current implementation uses amount directly, which may not accurately reflect the user's actual debt after considering the reserve's usage index and the user's scaled debt. actualRepayAmount is the correctly calculated amount that should be repaid, taking into account the user's actual debt and any necessary scaling. Using amount directly can lead to incorrect repayment amounts being processed.

Impact

By using amount instead of actualRepayAmount, the contract may process incorrect repayment amounts. This can result in users either overpaying or underpaying their debt, leading to potential financial discrepancies and losses for the lending pool.

Tools Used

Manual Review

Recommendations

To mitigate this vulnerability, update the _repay function to use actualRepayAmount instead of amount. This ensures that the correct repayment amount is processed, preventing potential overpayment or underpayment issues.
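
The following numeric model is an added example, not code from LendingPool.sol or from the submission. It shows how capping the repayment against the scaled debt and then burning the original amount diverges from capping against the real debt. The function names, the ray (1e27) index arithmetic and the sample values are assumptions made for illustration.

```python
# Simplified model, constructed for illustration: debt is stored "scaled",
# i.e. divided by a usage index held in ray (1e27) precision.
RAY = 10**27

def ray_mul(a, b):
    """Fixed-point multiply with round-half-up, as in ray math libraries."""
    return (a * b + RAY // 2) // RAY

def repay_buggy(user_scaled_debt, amount, index):
    """Pattern described in the finding: the cap mixes units and is unused."""
    # Scaled debt is compared with an unscaled amount; index is never applied.
    actual_repay_amount = min(amount, user_scaled_debt)
    burned = amount  # the burn receives the original amount, not the cap
    return actual_repay_amount, burned

def repay_fixed(user_scaled_debt, amount, index):
    """Recommended pattern: cap against the real debt, burn the capped value."""
    user_debt = ray_mul(user_scaled_debt, index)  # convert to underlying units
    actual_repay_amount = min(amount, user_debt)
    return actual_repay_amount, actual_repay_amount

def compare(user_scaled_debt, index, amounts):
    """Return one row per requested amount with both code paths side by side."""
    debt = ray_mul(user_scaled_debt, index)
    rows = []
    for amount in amounts:
        rows.append({
            "amount": amount,
            "real_debt": debt,
            "buggy": repay_buggy(user_scaled_debt, amount, index),
            "fixed": repay_fixed(user_scaled_debt, amount, index),
        })
    return rows

# Constructed sample: scaled debt 800 at index 1.25 is a real debt of 1000.
SCALED_DEBT = 800
INDEX = 125 * 10**25

if __name__ == "__main__":
    for row in compare(SCALED_DEBT, INDEX, [900, 1200]):
        print(row)
```

In the buggy path the computed cap (800) matches neither the real debt (1000) nor the value passed to the burn, which is the mismatch the recommendation removes.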

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

LendingPool::_repay compares scaled userScaledDebt with unscaled amount, creating unused actualRepayAmount; calculation is bypassed when burn is called with original amount
