In Market.borrow function the receiver can be address(0) thus losing funds
Low/Info issue submitted by Shield
Summary
In the Market.borrow function, the receiver can be address(0), which results in lost funds.
Vulnerability Detail
The Market.borrow function is used to borrow a certain amount from the floating pool. The borrowed asset is sent to the receiver address passed in as an input parameter to the function.
asset.safeTransfer(receiver, assets);
The issue is that the solmate ERC20 implementation does not check for address(0) on the to address, as the OpenZeppelin implementation does.
Impact
As a result, if msg.sender borrows the funds on behalf of the borrower but sends them to address(0), by mistake or intentionally, the borrowed funds will be lost, yet the borrower will still have to repay the debt.
Code Snippet
https://github.com/sherlock-audit/2024-04-interest-rate-model/blob/main/protocol/contracts/Market.sol#L168
Tool used
Manual Review and VSCode
Recommendation
It is recommended to validate the receiver address against address(0) and revert if it matches. Since Market.borrow is an external function that can be called by anyone, these user mistakes should be handled properly, as they could lead to loss of funds.
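The sketch below is an added example, not code from the reviewed repository. It shows the recommended check next to an unguarded path, using a token that, like the solmate ERC20 described above, accepts address(0) as recipient. UncheckedToken, MiniMarket, debtOf, borrowUnchecked and ZeroAddress are hypothetical names, and authorization and collateral checks are omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Constructed for illustration: a token whose transfer performs
// no address(0) check on `to`.
contract UncheckedToken {
  mapping(address => uint256) public balanceOf;

  constructor(uint256 supply) {
    balanceOf[msg.sender] = supply;
  }

  function transfer(address to, uint256 amount) external returns (bool) {
    balanceOf[msg.sender] -= amount; // reverts on insufficient balance
    unchecked {
      balanceOf[to] += amount; // to == address(0) is accepted
    }
    return true;
  }
}

// Hypothetical, simplified market: not the Market.sol under review.
// It must hold a token balance before either function is called.
contract MiniMarket {
  error ZeroAddress();

  UncheckedToken public immutable asset;
  mapping(address => uint256) public debtOf;

  constructor(UncheckedToken asset_) {
    asset = asset_;
  }

  // Unguarded: debt is booked to `borrower` even when the assets
  // are sent to address(0) and become unrecoverable.
  function borrowUnchecked(uint256 assets, address receiver, address borrower) external {
    debtOf[borrower] += assets;
    asset.transfer(receiver, assets);
  }

  // Recommended form: validate `receiver` before any state change.
  function borrow(uint256 assets, address receiver, address borrower) external {
    if (receiver == address(0)) revert ZeroAddress();
    debtOf[borrower] += assets;
    asset.transfer(receiver, assets);
  }
}
```

Calling borrowUnchecked with receiver set to address(0) raises debtOf[borrower] while the tokens land in an unspendable balance; the same call to borrow reverts with ZeroAddress and leaves the debt unchanged.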