You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
Whenever a user borrows (even a zero borrow) they are entered into the market
There's no check on borrow() to verify that the borrow amount isn't zero.
Since borrowing a zero amount doesn't require any allowance, anybody can call borrow() with zero amount using any receiver as borrower
This leads to the fact that anybody can force anybody to enter into any market
Consider the following scenario:
Bob has assets in the USDC, and DAI market
They approved Alice to borrow on their behalf on the ETH market
They entered the USDC market, but not the DAI market
Alice now wants to use Bob's DAI collateral to take a loan, so she forces him to enter the market with a zero-borrow
Alice took a loan using collateral she wasn't supposed to use according to the protocol's design, causing a loss of assets to Bob
Impact
Users are forced to enter market and use their assets as collateral.
This allows users who're approved to borrow on other markets to borrow on their behalf using assets they didn't intend to use as collateral.
sherlock-admin3
changed the title
Sticky Myrtle Griffin - Attacker can force a user to enter a market
Shield - Attacker can force a user to enter a market
May 17, 2024
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
Shield
medium
Attacker can force a user to enter a market
Summary
Vulnerability Detail
borrow()
to verify that the borrow amount isn't zero.borrow()
with zero amount using any receiver asborrower
Consider the following scenario:
Impact
Users are forced to enter market and use their assets as collateral.
This allows users who're approved to borrow on other markets to borrow on their behalf using assets they didn't intend to use as collateral.
Code Snippet
No zero check here:
https://github.com/sherlock-audit/2024-04-interest-rate-model/blob/main/protocol/contracts/Market.sol#L140-L145
PoC:
Add the following to
protocol/test/Market.t.sol
import { console2} from "forge-std/console2.sol";
Ouptut:
Tool used
Manual Review
Recommendation
Revert on zero borrows
Duplicate of #76
The text was updated successfully, but these errors were encountered: