In takeOverDebt, wrong parameter borrowingKey is used to call _addKeysAndLoansInfo
Summary
In takeOverDebt, wrong parameter borrowingKey is used to call _addKeysAndLoansInfo
Vulnerability Detail
The original purpose of the function takeOverDebt is taking over debt by transferring ownership of a borrowing to the current caller. So it uses _addKeysAndLoansInfo to add the oldLoans to the new caller. However, it uses wrong parameter borrowingKey which is the old borrowingkey.
zraxx
high
In
takeOverDebt, wrong parameterborrowingKeyis used to call_addKeysAndLoansInfoSummary
In
takeOverDebt, wrong parameterborrowingKeyis used to call_addKeysAndLoansInfoVulnerability Detail
The original purpose of the function
takeOverDebtis taking over debt by transferring ownership of a borrowing to the current caller. So it uses_addKeysAndLoansInfoto add the oldLoans to the new caller. However, it uses wrong parameterborrowingKeywhich is the old borrowingkey.Impact
New caller loses the loans.
Code Snippet
https://github.com/sherlock-audit/2023-10-real-wagmi/blob/main/wagmi-leverage/contracts/LiquidityBorrowingManager.sol#L441
Tool used
Manual Review
Recommendation
Replace
borrowingKeywithnewBorrowingKeyDuplicate of #53