search

sherlock-audit / 2024-09-predict-fun-judging

5 stars 4 forks source link

404Notfound - Lender will suffer potential loss due to incorrect loan duration #225

Open sherlock-admin2 opened 1 month ago

sherlock-admin2 commented 1 month ago

404Notfound

Medium

Lender will suffer potential loss due to incorrect loan duration

Summary

The choice to use the loan offer's duration instead of the borrow request's duration when creating a loan is a mistake as it will cause a potential loss for the lender. This will make the loan mature and require more time, and let the lender call the function call at a later time.

    function call(uint256 loanId) external nonReentrant {
        Loan storage loan = loans[loanId];

        _assertAuthorizedCaller(loan.lender);
        _assertLoanStatus(loan.status, LoanStatus.Active);

        if (loan.startTime + loan.minimumDuration > block.timestamp) {
            revert LoanNotMatured();
        }
//...

Root Cause

In the function _createLoan, the loan's minimumDuration is set to the loan offer's duration instead of the borrow request's duration. https://github.com/sherlock-audit/2024-09-predict-fun/blob/main/predict-dot-loan/contracts/PredictDotLoan.sol#L424-L432

Internal pre-conditions

  1. A borrower call the function matchProposals.

External pre-conditions

N/A

Attack Path

N/A

Impact

  1. The borrower gains additional time to repay the loan potentially.
  2. It makes the maturity of the loan require more time, and enables the lender to call the call function at a later time.

PoC

N/A

Mitigation

Ensure that the loan's minimumDuration is set to the borrow request's duration when creating a loan from the function matchProposals.