code-423n4 / 2022-04-backed-findings


Lender can stop others from offering higher rates. #112

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Lines of code

NFTLoanFacilitator.lend; L205

Vulnerability details

Impact

A lender using an upgradeable smart contract could stop other lenders from buying him out, essentially causing a DoS.

Proof of Concept

Lender uses an upgradeable smart contract that front-runs competing lenders and upgrades itself to remove its fallback/receive function every time another lender tries to buy him out, causing a DoS when the lend function reaches L205. Then, before he is about to be repaid, he front-runs repayAndCloseLoan and upgrades the contract again to be able to receive the rewards.

Tools Used

Recommended Mitigation Steps

Ensure lenders can only be EOAs.

wilsoncusack commented 2 years ago

Proposed resolution does not fix because even if original lender is an EOA they can transfer the ticket to a smart contract. Won't fix. Only so much we can do with malicious tokens.

gzeoneth commented 2 years ago

Duplicate #89

wilsoncusack commented 2 years ago

Hey sorry @gzeoneth, just looking closer at this one: I would argue not a duplicate of ERC777? Borrower could be using a normal ERC777 and be attacked in #89. This requires borrower opting into using malicious ERC20.

wilsoncusack commented 2 years ago

I would have marked this as invalid

wilsoncusack commented 2 years ago

Actually: I think I am mistaken in my reading here. It is correctly marked as a duplicate of #89.