Closed c4-bot-9 closed 8 months ago
0xSorryNotSorry marked the issue as sufficient quality report
0xSorryNotSorry marked the issue as primary issue
My take is; this is a feature as the borrower will leave collateral tokens anyway. Moreover, a new term can be created by modifying the existing one by even 1 wei of hardcap.
Forwarding to the Sponsors for their perusal.
only the first borrow on the first term in the market has this special privilege (not directly after deployment, but after onboarding & at least 1 gauge vote), and it is totally fine if only one borrower fills up the hardCap, so I wouldn't consider this an issue
eswak (sponsor) disputed
Trumpero marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-12-ethereumcreditguild/blob/2376d9af792584e3d15ec9c32578daa33bb56b43/src/loan/LendingTerm.sol#L298-L304
Vulnerability details
Impact
The first minter of a term can mint a lot of credit tokens, because the code gives them special privilege and does not check the relative weights in the gauges. This is shown in the following snippet:
So a malicious user can call the term contract immediately after deployment and mint upto the
_hardcap
of tokens, preventing ay others from minting any tokens.Proof of Concept
The proof is evident from the code linked above.
Tools Used
Manual Review
Recommended Mitigation Steps
For initial borrows, have a special
FIRST_MINT
variable with a lower value than the_hardcap
and use that instead of the_hardcap
in the above code.Assessed type
Invalid Validation