sherlock-audit / 2024-04-interest-rate-model-judging


In `Market.borrow` function the `receiver` can be `address(0)` thus losing funds #262

Closed sherlock-admin2 closed 4 months ago

sherlock-admin2 commented 5 months ago

In Market.borrow function the receiver can be address(0) thus losing funds

Low/Info issue submitted by Shield

Summary

In Market.borrow function the receiver can be address(0) thus losing funds

Vulnerability Detail

The Market.borrow function is used to borrow a certain amount from the floating pool, and the borrowed asset is sent to the receiver address passed in as an input parameter to the function.

    asset.safeTransfer(receiver, assets);

But the issue here is that the solmate ERC20 implementation does not check for address(0) on the to address, as the OpenZeppelin implementation does.

Impact

Hence, if the msg.sender borrows the funds on behalf of the borrower but sends them to address(0), by mistake or intentionally, the borrowed funds will be lost, while the borrower will still have to repay the debt.

Code Snippet

https://github.com/sherlock-audit/2024-04-interest-rate-model/blob/main/protocol/contracts/Market.sol#L168

Tool used

Manual Review and VSCode

Recommendation

Hence it is recommended to perform input validation on the receiver address and revert if it is address(0). Since Market.borrow is an external function that can be called by anyone, such user mistakes should be handled properly, since they could lead to loss of funds.
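As an added illustration (not the audited Market.sol and not code from the report), a stripped-down borrow path with the missing check beside a hardened version that applies the recommended validation; the solmate import paths and the floatingBorrow debt bookkeeping are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumed solmate remapping (solmate/src/...); the audited repo's own import path may differ.
import {ERC20} from "solmate/src/tokens/ERC20.sol";
import {SafeTransferLib} from "solmate/src/utils/SafeTransferLib.sol";

// Stripped-down stand-in for the borrow path (NOT the audited Market.sol):
// access control, allowance and interest accounting are omitted.
contract MarketMissingCheck {
    using SafeTransferLib for ERC20;

    ERC20 public immutable asset;
    mapping(address => uint256) public floatingBorrow; // assumed debt bookkeeping

    constructor(ERC20 asset_) {
        asset = asset_;
    }

    function borrow(uint256 assets, address receiver, address borrower) external {
        floatingBorrow[borrower] += assets; // debt is recorded for `borrower`...
        // ...but the asset goes to `receiver`. safeTransfer only checks that the
        // low-level call did not fail; a solmate-style token has no zero-address
        // check in transfer(), so receiver == address(0) succeeds and the tokens
        // end up at the zero address while the debt remains.
        asset.safeTransfer(receiver, assets);
    }
}

// Hardened variant: reject address(0) before any state change or transfer.
contract MarketWithCheck {
    using SafeTransferLib for ERC20;

    error ZeroReceiver();

    ERC20 public immutable asset;
    mapping(address => uint256) public floatingBorrow;

    constructor(ERC20 asset_) {
        asset = asset_;
    }

    function borrow(uint256 assets, address receiver, address borrower) external {
        if (receiver == address(0)) revert ZeroReceiver(); // input validation
        floatingBorrow[borrower] += assets;
        asset.safeTransfer(receiver, assets);
    }
}
```

With an OpenZeppelin-style token the first contract would revert inside transfer() anyway; the explicit check in the second makes the behaviour independent of which ERC20 implementation backs the market.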