Closed github-actions[bot] closed 1 year ago
Avci

high

user can borrow more than what he puts as collateral

## Summary

In the function drawDebt, the function doesn't check if the user wants to borrow more than what he put up as collateral.

## Vulnerability Detail

## Impact

An attacker can steal funds while paying very low collateral and never repaying the loan.

## Code Snippet

```solidity
function drawDebt(
    address borrowerAddress_,
    uint256 amountToBorrow_,
    uint256 limitIndex_,
    uint256 collateralToPledge_
) external nonReentrant {
    PoolState memory poolState = _accruePoolInterest();

    // ensure the borrower is not credited with a fractional amount of collateral smaller than the token scale
    collateralToPledge_ = _roundToScale(collateralToPledge_, _bucketCollateralDust(0));

    DrawDebtResult memory result = BorrowerActions.drawDebt(
        auctions,
        buckets,
        deposits,
        loans,
        poolState,
        borrowerAddress_,
        amountToBorrow_,
        limitIndex_,
        collateralToPledge_
    );

    emit DrawDebt(borrowerAddress_, amountToBorrow_, collateralToPledge_, result.newLup);

    // update pool interest rate state
    poolState.debt       = result.poolDebt;
    poolState.collateral = result.poolCollateral;
    _updateInterestState(poolState, result.newLup);

    if (collateralToPledge_ != 0) {
        // update pool balances state
        if (result.t0DebtInAuctionChange != 0) {
            poolBalances.t0DebtInAuction -= result.t0DebtInAuctionChange;
        }
        poolBalances.pledgedCollateral += collateralToPledge_;

        // move collateral from sender to pool
        _transferCollateralFrom(msg.sender, collateralToPledge_);
    }

    if (amountToBorrow_ != 0) {
        // update pool balances state
        poolBalances.t0Debt += result.t0DebtChange;

        // move borrowed amount from pool to sender
        _transferQuoteToken(msg.sender, amountToBorrow_);
    }
}
```

## Tool used

Manual Review

## Recommendation

Check the collateral amount against the requested borrow amount.
BorrowerActions.drawDebt does the check:

```solidity
if (!_isCollateralized(vars.borrowerDebt, borrower.collateral, result_.newLup, poolState_.poolType)) {
    revert BorrowerUnderCollateralized();
}
```
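To make the reply concrete, here is an added Python model of the collateralization gate that `BorrowerActions.drawDebt` applies before any debt is booked. It is illustrative code written for this page, not Ajna's code and not the reporter's; it assumes 18-decimal fixed-point (WAD) math with truncating multiplication, takes `lup` as a plain parameter in place of `result_.newLup` (the LUP recomputed after the new debt is added), and ignores origination fees and interest accrual so that the arithmetic stays readable. The `is_nft` branch models the documented rounding of NFT collateral down to whole tokens and is likewise an assumption about the real pool types.

```python
from dataclasses import dataclass

WAD = 10**18  # 18-decimal fixed point, as used for pool amounts (assumption)


def wmul(a: int, b: int) -> int:
    """Fixed-point multiply with truncation, modelled on a WAD-style helper (assumption)."""
    return a * b // WAD


def is_collateralized(debt: int, collateral: int, lup: int, is_nft: bool = False) -> bool:
    """Model of _isCollateralized: the borrower's collateral valued at the LUP
    must cover the debt. For NFT pools (assumption) only whole tokens count,
    so fractional collateral is rounded down before valuation."""
    if is_nft:
        collateral = (collateral // WAD) * WAD
    return wmul(collateral, lup) >= debt


@dataclass
class Borrower:
    debt: int = 0
    collateral: int = 0


def try_draw_debt(borrower: Borrower, amount_to_borrow: int, collateral_to_pledge: int,
                  lup: int, is_nft: bool = False) -> bool:
    """Simplified drawDebt: compute the post-borrow position, apply the
    collateralization gate, and only then commit state. Returns False where
    the contract would revert with BorrowerUnderCollateralized."""
    new_debt = borrower.debt + amount_to_borrow
    new_collateral = borrower.collateral + collateral_to_pledge
    if not is_collateralized(new_debt, new_collateral, lup, is_nft):
        return False  # revert BorrowerUnderCollateralized()
    borrower.debt = new_debt
    borrower.collateral = new_collateral
    return True


if __name__ == "__main__":
    # Constructed scenario: LUP of 2 quote tokens per collateral token.
    lup = 2 * WAD
    b = Borrower()
    # The report's scenario: pledge 1 collateral, ask for 1000 quote -> rejected.
    print("1000 against 1 collateral:", try_draw_debt(b, 1000 * WAD, 1 * WAD, lup))
    # A properly backed borrow passes and is committed.
    print("1 against 1 collateral:   ", try_draw_debt(b, 1 * WAD, 1 * WAD, lup))
    print("position:", b)
```

The point to take from the model is ordering: the gate runs on the position the borrow would produce, so a request that outstrips the pledged collateral never reaches the transfer of quote tokens. A test of the real contract for this finding would assert that the call reverts rather than that the balance changes.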