Users will not able to use borrow function for first time!
Summary
The borrow function in the BlueBerryBank contract can prevent users to borrow and use this function in new banks because of a division by zero(debt).
Vulnerability Detail
The borrow function calculates the share variable as amount * totalShare / totalDebt. The totalDebt is initially set to zero when a new bank is created, which can cause the function to revert when the division is performed. or when users completely pay their debt, totalDebt will be set to zero. basically, there is no check for totalDebt should be greater than zero.
Impact
This vulnerability can prevent users from using new banks to borrow tokens. the division operation in the borrow function will cause the transaction to revert, preventing the borrower from being able to borrow tokens from the new bank.
Avci
high
Users will not able to use borrow function for first time!
Summary
The borrow function in the BlueBerryBank contract can prevent users to borrow and use this function in new banks because of a division by zero(debt).
Vulnerability Detail
The borrow function calculates the share variable as amount * totalShare / totalDebt. The totalDebt is initially set to zero when a new bank is created, which can cause the function to revert when the division is performed. or when users completely pay their debt, totalDebt will be set to zero. basically, there is no check for totalDebt should be greater than zero.
Impact
This vulnerability can prevent users from using new banks to borrow tokens. the division operation in the borrow function will cause the transaction to revert, preventing the borrower from being able to borrow tokens from the new bank.
Code Snippet
https://github.com/sherlock-audit/2023-02-blueberry-0xdanial/blob/55ebb9094b00c96ffffb27290fb305cd5d65ded6/contracts/BlueBerryBank.sol#L723
Tool used
Manual Review
Recommendation
The totalDebt variable should be initialized to a non-zero value when a new bank is created for the first time.