" the last loan created will end up making the borrower put up with slightly more collateral because of precision loss"
however due to a incorrect check when the collateral amount is more than loan amount the acceptloanofferandfillorder will always revert even if the amount is very small
function acceptLoanOfferAndFillOrder(
Order calldata exchangeOrder,
Proposal calldata proposal
) external nonReentrant whenNotPaused {
_assertProposalIsLoanOffer(proposal);
uint256 positionId = _derivePositionId(proposal);
if (exchangeOrder.tokenId != positionId) {
revert PositionIdMismatch();
}
if (exchangeOrder.side != Side.SELL) {
revert NotSellOrder();
}
if (exchangeOrder.feeRateBps < minimumOrderFeeRate) {
revert OrderFeeRateTooLow();
}
bytes32 proposalId = hashProposal(proposal);
uint256 protocolFee = (exchangeOrder.takerAmount * protocolFeeBasisPoints) / 10_000;
uint256 fulfillAmount = exchangeOrder.takerAmount + protocolFee;
_assertProposalValidity(proposalId, proposal, positionId, fulfillAmount);
Fulfillment storage fulfillment = _getFulfillment(proposal);
uint256 collateralAmountRequired = _calculateCollateralAmountRequired(proposal, fulfillment, fulfillAmount);
if (exchangeOrder.makerAmount < collateralAmountRequired) {
revert InsufficientCollateral(); /////@audit reverts if the collateralamount is more than exchangeordermakeramount
as a result of this incorrect check a loan offer will never be fully filled since precision will cause the collateral amount to be more than loan amount also incorrect check will cause the collateral amount to never be more than maker amount which is bad for lenders
nikhilx0111
High
incorrect check in acceptloanofferandfillorder will cause the function to revert when the borrower is buying the last loan
Summary
as mentioned by the protocol in documentation https://audits.sherlock.xyz/contests/561?filter=questions#:~:text=Each%20loan%20must,the%20collateral%20ratio. \
" the last loan created will end up making the borrower put up with slightly more collateral because of precision loss"
however due to a incorrect check when the collateral amount is more than loan amount the acceptloanofferandfillorder will always revert even if the amount is very small
as a result of this incorrect check a loan offer will never be fully filled since precision will cause the collateral amount to be more than loan amount also incorrect check will cause the collateral amount to never be more than maker amount which is bad for lenders
Root Cause
https://github.com/sherlock-audit/2024-09-predict-fun/blob/41e70f9eed3f00dd29aba4038544150f5b35dccb/predict-dot-loan/contracts/PredictDotLoan.sol#L241-L242
Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
No response
Impact
incorrect check will cause the collateral amount to never be more than maker amount which is bad for lenders
PoC
No response
Mitigation
revert only when the collateral amount is less than maker