code-423n4 / 2023-12-ethereumcreditguild-findings


Some borrowers won't be incentivised to pay their loans #143

Closed c4-bot-1 closed 5 months ago

c4-bot-1 commented 6 months ago

Lines of code

https://github.com/code-423n4/2023-12-ethereumcreditguild/blob/main/src/loan/LendingTerm.sol#L758-L768

Vulnerability details

Impact

Some borrowers won't be incentivized to pay their loans, because under certain terms, it would be more profitable for them to be liquidated.

Proof of Concept

Under some terms, borrowers will find it more profitable to allow the loan to expire and be liquidated than to repay their debt. This is due to the extremely high maxDebtPerCollateralToken ratio. A notable example is provided here in the documentation, where maxDebtPerCollateralToken is 0.99e18, and the interest is 0.05e18 (5%) paid every 3 months.

collateralToken: DAI
maxDebtPerCollateralToken: 0.99e18
interestRate: 0.05e18 (5%)
maxDelayBetweenPartialRepay: 7.884e+6 (seconds, equals three months)
minPartialRepayPercent: 0.02e18 (2%)
openingFee: 0.0005e18 (5 bips)
hardCap: 1e26 ($100m)

With 5% interest paid 4 times a year, this will amount to 1.25% (as it's APR) of interest per payment. This means that by the first payment, the borrower will owe 100.25% of their collateral as debt, without counting the fee. If the fee is 0.5%, it will be 100.75%.

From the borrower's perspective, it will be more efficient to get liquidated rather than to pay off their debt. This will leave bad debt in the system and cause all users in the gauge to be slashed.

Example:

Same as above.

| Prerequisites | Values |
|---|---|
| Collateral | DAI |
| Max debt per collateral token | 0.99e18 |
| Interest rate | 0.05e18 (5%) |
| Max delay between partial repay | 7.884e6 (3 months) |
| Opening fee | 0.0005e18 (5 bips) |
| Hard cap | 1e26 (100m) |

  1. Alice mints in the PSM 10k credits (worth 10k DAI) and increases the gauge weight with SGM for the same amount.
  2. Bob borrows 9990gDAI for 10000 DAI as collateral.
  3. Bob exchanges his gDAI for real DAI and uses it to trade.
  4. After 3 months Bob sees that in order to free his 10k DAI collateral, he will need to return 10.1k DAI. He leaves the loan to expire.
  5. The 3 months pass by and Alice is forced to liquidate Bob.
  6. Alice's gauge is slashed, because the auction passed the mid point and entered the second half.

POC

Gist: https://gist.github.com/0x3b33/3c0445bea07bf2382595c0f8ec88dc5c

Place in: 2023-12-ethereumcreditguild/test/unit/loan/.sol

Run it with: forge test --match-test test_causeBadDebt -vv

Tools Used

Manual review

Recommended Mitigation Steps

It's not preferable to target such high utilizations, as we reach a point where borrowers will prefer to be liquidated, as it will cost less compared to paying the debt.

Assessed type

Error

c4-pre-sort commented 5 months ago

0xSorryNotSorry marked the issue as sufficient quality report

c4-pre-sort commented 5 months ago

0xSorryNotSorry marked the issue as primary issue

c4-sponsor commented 5 months ago

eswak (sponsor) disputed

eswak commented 5 months ago

I don't think that should be considered a valid code issue, this would be a governance issue. Terms with these parameters should be voted against by GUILD holders, or veto'd by GUILD or credit holders, and this would be an unsafe term to lend against.

The example in the documentation website is erroneous and I informed my colleague about this, thanks for pointing out.

c4-judge commented 5 months ago

Trumpero marked the issue as unsatisfactory: Invalid
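
An added example, not part of the thread and not the project's code: a Python screening check a voter could run on a proposed term, using the parameters quoted in the finding, to see whether a loan opened at the maximum ratio owes more than its collateral is worth before the first partial-repay deadline. Assumptions: simple (linear) interest plus an opening fee on the borrowed amount, collateral and credit token both worth 1, a 365-day year; `Term`, `debt_per_collateral`, `seconds_until_underwater`, `is_unsafe` and `SAFER_TERM` are hypothetical names and values.

```python
from dataclasses import dataclass

WAD = 10**18
# Assumption: 365-day year, so the 7.884e6 s delay in the finding is one quarter.
YEAR = 31_536_000


@dataclass(frozen=True)
class Term:
    max_debt_per_collateral: int  # WAD-scaled credit per collateral token
    interest_rate: int            # WAD-scaled simple APR
    opening_fee: int              # WAD-scaled fee on the borrowed amount
    max_delay_partial_repay: int  # seconds until a partial repay is due


def debt_per_collateral(term: Term, elapsed: int) -> int:
    """WAD-scaled debt per collateral token for a loan opened at the max ratio."""
    interest = term.interest_rate * elapsed // YEAR
    return term.max_debt_per_collateral * (WAD + term.opening_fee + interest) // WAD


def seconds_until_underwater(term: Term, collateral_price: int = WAD):
    """Seconds until debt exceeds collateral value: 0 if at opening, None if never."""
    headroom = (collateral_price * WAD // term.max_debt_per_collateral
                - WAD - term.opening_fee)
    if headroom < 0:
        return 0
    if term.interest_rate == 0:
        return None
    return headroom * YEAR // term.interest_rate + 1


def is_unsafe(term: Term, collateral_price: int = WAD) -> bool:
    """True when the loan goes underwater on or before the first repay deadline."""
    t = seconds_until_underwater(term, collateral_price)
    return t is not None and t <= term.max_delay_partial_repay


# Term parameters quoted in the finding.
DOC_TERM = Term(99 * 10**16, 5 * 10**16, 5 * 10**14, 7_884_000)
# Constructed contrast: the same term with a 0.90e18 ratio.
SAFER_TERM = Term(90 * 10**16, 5 * 10**16, 5 * 10**14, 7_884_000)

if __name__ == "__main__":
    for name, term in (("doc term", DOC_TERM), ("constructed term", SAFER_TERM)):
        owed = debt_per_collateral(term, term.max_delay_partial_repay) / WAD
        days = seconds_until_underwater(term) / 86_400
        print(f"{name}: owes {owed:.5f} per collateral token at the deadline, "
              f"underwater after {days:.1f} days, unsafe={is_unsafe(term)}")
```

The check ignores collateral price movement and the credit multiplier, so a term it passes can still be unsafe; it only flags terms that are underwater on their own parameters.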