search

code-423n4 / 2024-05-gondi-mitigation-findings

0 stars 0 forks source link

H-12 MitigationConfirmed #90

Open c4-bot-1 opened 3 months ago

c4-bot-1 commented 3 months ago

Lines of code

Vulnerability details

C4 Issue

H-12: addNewTranche() no authorization from borrower

Comments

Original vulnerabilities: addNewTranche() modifies borrower’s principal by adding new tranches. However, this function is not access-controlled and it only requires the signature of the lender.

Original impacts: This puts the borrower at risk because a lender can add a tranche to an existing loan to increase the principalAmount and specific high apr or renegotiation offer fees for the borrower to pay.

Mitigation

Fix: https://github.com/pixeldaogg/florida-contracts/pull/379/files

//src/lib/loans/MultiSourceLoan.sol
    function addNewTranche(
        RenegotiationOffer calldata _renegotiationOffer,
        Loan memory _loan,
        bytes calldata _renegotiationOfferSignature
    ) external nonReentrant returns (uint256, Loan memory) {
        if (msg.sender != _loan.borrower) {
            revert InvalidCallerError();
        }
...

The mitigation is checking the msg.sender is the loan borrower themselves such that only the borrower can make such changes to their loan.

The mitigation eliminates the original vulnerability and resolves the issue.

Test

The revised test is passing

Conclusion

LGTM

c4-judge commented 3 months ago

alex-ppg marked the issue as satisfactory

c4-judge commented 3 months ago

alex-ppg marked the issue as confirmed for report