Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: medium

Valid

Incorrect Prime Rate Update Timing Leads to Incorrect Interest Calculation

dobrevaleri

Summary

The LendingPool::setPrimeRate() function does not synchronize the reserve state before updating the prime rate, causing incorrect interest calculations for past periods.

Vulnerability Details

When setting a new prime rate in LendingPool::setPrimeRate(), the function calls ReserveLibrary::setPrimeRate() which updates the prime rate without first synchronizing the reserve state. This means the new prime rate will be applied retroactively to the period between the last update and the current timestamp.

The issue occurs because ReserveLibrary::setPrimeRate() only validates the rate change and updates the rates:

function setPrimeRate(ReserveData storage reserve, ReserveRateData storage rateData, uint256 newPrimeRate) internal {

if (newPrimeRate < 1) revert PrimeRateMustBePositive();

uint256 oldPrimeRate = rateData.primeRate;

if (oldPrimeRate > 0) {

uint256 maxChange = oldPrimeRate.percentMul(500); // Max 5% change

uint256 diff = newPrimeRate > oldPrimeRate ? newPrimeRate - oldPrimeRate : oldPrimeRate - newPrimeRate;

if (diff > maxChange) revert PrimeRateChangeExceedsLimit();

}

rateData.primeRate = newPrimeRate;

updateInterestRatesAndLiquidity(reserve, rateData, 0, 0);

emit PrimeRateUpdated(oldPrimeRate, newPrimeRate);

}

Proof of Concept

At t=0, prime rate is set to 5 RAY
At t=100, no reserve sync has occurred
At t=100, prime rate is updated to 5.2 RAY
The new rate is applied retroactively to t=0-100
Interest for t=0-100 is calculated using 5.2 RAY instead of the correct 5 RAY

Impact

This leads to incorrect interest calculations as the new prime rate is applied retroactively to past periods. Since the prime rate is a key component in calculating both liquidity and usage rates, this affects:

Interest earned by lenders
Interest owed by borrowers
Health factor calculations

The impact is amplified when there are frequent prime rate changes without reserve synchronization.

Recommendations

Synchronize reserves before updating prime rate:

function setPrimeRate(uint256 newPrimeRate) external onlyPrimeRateOracle {

+ ReserveLibrary.updateReserveState(reserve, rateData);

ReserveLibrary.setPrimeRate(reserve, rateData, newPrimeRate);

}

Updates

Lead Judging Commences

inallhonesty Lead Judge 3 months ago

Submission Judgement Published

Validated

Assigned finding tags:

ReserveLibrary fails to update reserve state before changing rate parameters (prime rate, protocol fee rate), causing new rates to be applied retroactively to interest since last update

inallhonesty Lead Judge 3 months ago

Submission Judgement Published

Validated

Assigned finding tags:

ReserveLibrary fails to update reserve state before changing rate parameters (prime rate, protocol fee rate), causing new rates to be applied retroactively to interest since last update

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.