zraxx - When using the `borrow` function to update the `BorrowingInfo`, the previously accumulated fees were not distributed in time.

[sherlock-admin2]

zraxx

high

When using the borrow function to update the BorrowingInfo, the previously accumulated fees were not distributed in time.

Summary

When using the borrow function to update the BorrowingInfo, the previously accumulated fees were not distributed in time.

Vulnerability Detail

In the function borrow, borrowers can increase the borrowedAmount and add new loan information. At the same time, the function _initOrUpdateBorrowing will accumulate borrowing fees that increase over time. The accumulated fees (borrowing.feesOwed) are not distributed, which benefits subsequent additional lenders.

Here is an example:

1. Firstly, Alice borrowed $1000000(1e6) from Bob.
2. After some time, Alice borrows $200000(2e5) from David. At this time, the borrow function updates the borrowing.feesOwed to $10000(1e4), which should belong to Bob.
3. After some time, Alice call the repay function. The borrowing.feesOwed is updated to $11000. According to the implementation of the contract, Bob will receive $9167 (11000 * 1e6 / (1e6+2e5)), while David will receive $1833. In other words, Bob's fee is reduced.

Impact

Fees received by original lenders will be reduced. On the contrary, subsequent lenders will benefit.

Code Snippet

https://github.com/sherlock-audit/2024-02-leverage-contracts/blob/main/wagmi-leverage/contracts/LiquidityBorrowingManager.sol#L394-L484

Tool used

Manual Review

Recommendation

Fees accumulated should be distributed in time.

Duplicate of #41

[fann95]

the same as #41

[sherlock-admin]

The protocol team fixed this issue in PR/commit https://github.com/RealWagmi/wagmi-leverage/commit/84416fcedfcc7eb062917bdc69f919bba9d3c0b7.

[sherlock-admin2]

1 comment(s) were left on this issue during the judging contest.

takarez commented:

valid: this seem valid to me; high(1)

[sherlock-admin4]

The Lead Senior Watson signed off on the fix.