Let's suppose the contract is paused and at that time lender calls call() for auctioning of the loan.
But now as the contract is paused no one would be able to call auction() as there whenNotPaused modifier inside auction()
function auction(uint256 loanId) external nonReentrant whenNotPaused
This creates problem for lender , new lender and borrower.
Current lender would not be able to auction the call as no one is able to call the function
New lender who wishes th take over loan as he thinks the collateral amount would be big in coming times would not be able to take over this loan.
Borrower will have no choice and would not be given chance to repay the loan as loan cannot be auctioned.
Impact
This creates problem for lender , new lender and borrower.
Current lender would not be able to auction the call as no one is able to call the function
New lender who wishes th take over loan as he thinks the collateral amount would be big in coming times would not be able to take over this loan.
Borrower will have no choice and would not be given chance to repay the loan as loan cannot be auctioned.
smbv-1923
Medium
whenNotPaused()modifier not checked duringcall()which creates problemSummary
whenNotPaused()modifier not checked duringcall()which creates problemRoot Cause
https://github.com/sherlock-audit/2024-09-predict-fun/blob/main/predict-dot-loan/contracts/PredictDotLoan.sol#L561
Internal pre-conditions
Contract should be paused when user calls
call()External pre-conditions
No response
Attack Path
call()for auctioning of the loan.auction()as there whenNotPaused modifier inside auction()function auction(uint256 loanId) external nonReentrant whenNotPausedImpact
PoC
No response
Mitigation
Add whenNotPaused() modifier during
call()