code-423n4 / 2023-12-particle-findings


changing `LOAN_TERM` changes terms for existing loans #39

Closed c4-bot-5 closed 11 months ago

c4-bot-5 commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-12-particle/blob/main/contracts/protocol/ParticlePositionManager.sol#L365

https://github.com/code-423n4/2023-12-particle/blob/main/contracts/protocol/ParticlePositionManager.sol#L581-L585

Vulnerability details

Impact

If the protocol updates the loan terms, this will affect existing loans taken under different terms.

Proof of Concept

LOAN_TERM is a guarantee for the lender (liquidity provider) to eventually get their liquidity back. After the loan term has passed, the lender can cause the loan to be possible to liquidate by claiming their liquidity.

In a similar fashion the borrower is guaranteed (as long as they keep their premium up) to not be liquidated during the LOAN_TERM.

This is enforced in ParticlePositionManager::liquidatePosition:

```solidity
File: contracts/protocol/ParticlePositionManager.sol

365:                    lien.startTime + LOAN_TERM < block.timestamp))
```

Since only the startTime of the lien is stored, the LOAN_TERM is read at time of liquidation.

The protocol can change the loan term. This would break all the previous agreements between lenders and borrowers, which could possibly cause unwanted liquidations for borrowers or lenders to be forced to wait longer to get their liquidity back.

Tools Used

Manual audit

Recommended Mitigation Steps

Consider storing the loan term in the lien.

Assessed type

Other
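The recommended mitigation, sketched as an added example that is not part of the original report or the Particle code base. Only `LOAN_TERM`, `lien` and `startTime` come from the report; the contract, the `loanTerm` field and every function name are hypothetical, and the expiry check is simplified to the single comparison quoted above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration only. Names other than LOAN_TERM, lien and startTime
/// are hypothetical and do not exist in ParticlePositionManager.
contract LoanTermSnapshotExample {
    struct Lien {
        uint256 startTime;
        uint256 loanTerm; // LOAN_TERM as it was when this lien was opened
    }

    address public immutable admin;
    uint256 public LOAN_TERM = 7 days; // constructed sample value
    uint256 public nextLienId;
    mapping(uint256 => Lien) public liens;

    constructor() {
        admin = msg.sender;
    }

    /// Admin-controlled setter, standing in for the protocol's term update.
    function updateLoanTerm(uint256 newTerm) external {
        require(msg.sender == admin, "not admin");
        LOAN_TERM = newTerm;
    }

    /// Opening a lien records both the start time and the term agreed to.
    function openLien() external returns (uint256 lienId) {
        lienId = nextLienId++;
        liens[lienId] = Lien({startTime: block.timestamp, loanTerm: LOAN_TERM});
    }

    /// Pattern described in the report: the term is read at check time, so
    /// updateLoanTerm() moves the deadline of every lien that is already open.
    function termExpiredGlobal(uint256 lienId) external view returns (bool) {
        return liens[lienId].startTime + LOAN_TERM < block.timestamp;
    }

    /// Mitigation: compare against the term stored in the lien, so an update
    /// applies only to liens opened after it.
    function termExpiredSnapshot(uint256 lienId) external view returns (bool) {
        Lien storage lien = liens[lienId];
        return lien.startTime + lien.loanTerm < block.timestamp;
    }
}
```

A regression test for the fix would open a lien, call `updateLoanTerm` with a shorter value, advance time past the new term but not the old one, and check that only `termExpiredGlobal` returns true.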

c4-judge commented 11 months ago

0xleastwood marked the issue as duplicate of #52

c4-judge commented 11 months ago

0xleastwood marked the issue as satisfactory