Malicious lender can use blacklisted address and harm borrower
Summary
If during the duration of a loan, the borrower got blacklisted by collateral asset contract, like USDC, there is no way to retrieve the collateral.
Vulnerability Detail
Protocol specifically mentions :
Q: Do you expect to use any of the following tokens with non-standard behaviour with the smart contracts?
Whatever uniswap v3 supports for their pools can interact with our contracts
Some tokens like USDC have a contract level admin controlled address blocklist. If an address is blocked, then transfers to and from that address are forbidden.
Malicious lender can use repay() function for this purpose. The lender can add the USDC blacklist to prevent the borrower from repaying the loan, and then withdraw the borrower's collateral.
Impact
A malicious or compromised token lender can trap funds in a contract by adding the contract address to the blocklist.
tsvetanovv
high
Malicious lender can use blacklisted address and harm borrower
Summary
If during the duration of a loan, the borrower got blacklisted by collateral asset contract, like USDC, there is no way to retrieve the collateral.
Vulnerability Detail
Protocol specifically mentions :
Some tokens like USDC have a contract level admin controlled address blocklist. If an address is blocked, then transfers to and from that address are forbidden.
Malicious lender can use
repay()function for this purpose. The lender can add the USDC blacklist to prevent the borrower from repaying the loan, and then withdraw the borrower's collateral.Impact
A malicious or compromised token lender can trap funds in a contract by adding the contract address to the blocklist.
Code Snippet
https://github.com/sherlock-audit/2023-10-real-wagmi/blob/main/wagmi-leverage/contracts/LiquidityBorrowingManager.sol#L532-L674
Tool used
Manual Review
Recommendation
Try to implement a try-catch solution where you skip certain funds whenever they cause the transfer to the blacklisted token address to revert.
Duplicate of #83