code-423n4 / 2024-04-revert-mitigation-findings


M-15 MitigationConfirmed #18

Open c4-bot-4 opened 7 months ago

c4-bot-4 commented 7 months ago

Lines of code

Vulnerability details

C4 issue

M-15: Users' newly created positions can be prematurely closed and removed from the vault directly after they are created

Comment

In the original implementation, the _repay function cleans up (removes) the loan if it's fully repaid and also does not forbid repaying with amount = 0. This leads to a newly created loan being deleted by calling repay with 0 amount, and thus forces the loan owner to recreate their loan.

function _repay(uint256 tokenId, uint256 amount, bool isShare, bytes memory permitData) internal {

    // if fully repayed
    if (currentShares == shares) {
        _cleanupLoan(tokenId, newDebtExchangeRateX96, newLendExchangeRateX96, owner);
    } else {
        // if resulting loan is too small - revert
        if (_convertToAssets(loanDebtShares, newDebtExchangeRateX96, Math.Rounding.Up) < minLoanSize) {
            revert MinLoanSize();
        }
    }

    emit Repay(tokenId, msg.sender, owner, assets, shares);
}

Mitigation

PR #8: Function _repay no longer cleans up the loan even if it's fully repaid:

    // if not fully repayed - check for loan size
    if (currentShares != shares) {
        // if resulting loan is too small - revert
        if (_convertToAssets(loanDebtShares, newDebtExchangeRateX96, Math.Rounding.Up) < minLoanSize) {
            revert MinLoanSize();
        }
    }

The mitigation solved the original issue.

Conclusion

LGTM
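The two `_repay` variants quoted in the comment above, reduced to a model that shows what each does to a position with zero debt. This is an added example, not part of the original comment or the project's code; the contract `RepayCleanupModel`, its function names, the 1:1 share-to-asset rate and the `minLoanSize` value are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Simplified model, not the vault's code. Assumptions: debt shares convert
/// to assets 1:1, token transfers are omitted, minLoanSize is constructed.
contract RepayCleanupModel {
    error MinLoanSize();

    struct Loan { address owner; uint256 debtShares; }
    mapping(uint256 => Loan) public loans;
    uint256 public constant minLoanSize = 100;

    function create(uint256 tokenId) external {
        require(loans[tokenId].owner == address(0), "exists");
        loans[tokenId] = Loan(msg.sender, 0); // new position, no debt yet
    }

    function borrow(uint256 tokenId, uint256 shares) external {
        require(loans[tokenId].owner == msg.sender, "not owner");
        loans[tokenId].debtShares += shares;
    }

    // Original logic: any caller may repay; a full repayment removes the loan.
    function repayOriginal(uint256 tokenId, uint256 shares) external {
        uint256 currentShares = loans[tokenId].debtShares;
        uint256 loanDebtShares = currentShares - shares; // reverts if shares > debt
        loans[tokenId].debtShares = loanDebtShares;
        if (currentShares == shares) {
            // With zero debt and shares = 0 this is 0 == 0: the loan is deleted.
            delete loans[tokenId];
        } else if (loanDebtShares < minLoanSize) {
            revert MinLoanSize();
        }
    }

    // Mitigated logic: only the size check remains; the loan record is kept.
    function repayMitigated(uint256 tokenId, uint256 shares) external {
        uint256 currentShares = loans[tokenId].debtShares;
        uint256 loanDebtShares = currentShares - shares;
        loans[tokenId].debtShares = loanDebtShares;
        if (currentShares != shares && loanDebtShares < minLoanSize) {
            revert MinLoanSize();
        }
    }
}
```

In this model, `repayOriginal(id, 0)` directly after `create(id)` leaves `loans(id).owner` as the zero address, while `repayMitigated(id, 0)` leaves the record unchanged. A regression test for the mitigation can assert exactly that difference.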

c4-judge commented 7 months ago

jhsagd76 marked the issue as satisfactory