Discrepancy between comment and actual function implementation in _repay()
Summary
The _repay() function in the LendingPool contract contains a discrepancy between its comment and actual implementation. The comment suggests that if onBehalfOf is set to address(0), the msg.sender’s debt will be repaid. However, in the actual implementation, the function reverts if onBehalfOf == address(0).
Vulnerability Details
The _repay() function is called by repay() and repayOnBehalf(). It accepts two parameters:
uint256 amount: The amount to be repaid.address onBehalfOf: The address of the user whose debt is being repaid.
The function’s comment states:
@param onBehalfOf The address of the user whose debt is being repaid. If
address(0),msg.sender's debt is repaid.
However, the actual implementation contradicts this, as it explicitly reverts if onBehalfOf is address(0):
Impact
Misleading documentation could lead to incorrect assumptions about how the function works.
Tools Used
Recommendations
Either Update the function comment to accurately reflect the behavior of _repay() or modify the function logic if the intended behavior is to allow msg.sender to repay their own debt when onBehalfOf == address(0).
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.