You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The interest rate is incorrectly updated when debt is repaid
Summary
In the protocol, depositors can supply assets as collateral to the pool and earn interest from borrowers. Borrowers, in turn, can borrowassets and are required to pay interest.
It's essential that interest rates are correctly calculated for both debt and collateral.
However, during repayment, the interest rate for debtassets is updated incorrectly.
Vulnerability Detail
When liquidity changes (such as during deposits, repayments, borrowing, or withdrawals), the interest rate adjusts.
Specifically, in line 158, totalDebt represents the current total debt of the asset reserve.
When liquidity increases (e.g., deposits or repayments), the _liquidityAdded value is positive (line 165).
Conversely, when liquidity decreases (e.g., borrowing or withdrawals), the _liquidityTaken value is positive (line 166).
These values are used to calculate new interest rates for both debt and collateral.
In the executeRepay function, the interest rates are updated in line 139.
At this point, cache.nextDebtShares does not account for the repaid debt amount—it still equals the current debt shares.
Only later, in line 152, do we update cache.nextDebtShares by subtracting the repaid amount from the current debt shares.
However, this updated nextDebtShares should be used when calculating the new interest rate.
Impact
Interest rates are a critical part of the lending protocol, and repayment can happen frequently.
Each time a repayment occurs, the interest rates for debt assets are being incorrectly recalculated.
The total debt has a significant impact on the calculation of interest rates.
sherlock-admin3
changed the title
Smooth Carbon Narwhal - The interest rate is incorrectly updated when debt is repaid
ether_sky - The interest rate is incorrectly updated when debt is repaid
Oct 3, 2024
ether_sky
Medium
The interest rate is incorrectly updated when debt is repaid
Summary
In the protocol,
depositors
can supplyassets
ascollateral
to thepool
and earninterest
fromborrowers
.Borrowers
, in turn, canborrow
assets
and are required to payinterest
.It's essential that
interest rates
are correctly calculated for bothdebt
andcollateral
.However, during
repayment
, theinterest rate
fordebt
assets
is updated incorrectly.Vulnerability Detail
When
liquidity
changes (such as duringdeposits
,repayments
,borrowing
, orwithdrawals
), theinterest rate
adjusts.Specifically, in
line 158
,totalDebt
represents the currenttotal debt
of theasset reserve
.When
liquidity
increases (e.g.,deposits
orrepayments
), the_liquidityAdded
value is positive (line 165
).Conversely, when
liquidity
decreases (e.g.,borrowing
orwithdrawals
), the_liquidityTaken
value is positive (line 166
).These values are used to calculate new
interest rates
for bothdebt
andcollateral
.In the
executeRepay
function, theinterest rates
are updated inline 139
.At this point,
cache.nextDebtShares
does not account for therepaid debt
amount—it still equals thecurrent debt shares
.Only later, in
line 152
, do we updatecache.nextDebtShares
by subtracting the repaid amount from thecurrent debt shares
.However, this updated
nextDebtShares
should be used when calculating thenew interest rate
.Impact
Interest rates
are a critical part of thelending protocol
, andrepayment
can happen frequently.Each time a
repayment
occurs, theinterest rates
fordebt assets
are being incorrectly recalculated.The
total debt
has a significantimpact
on the calculation ofinterest rates
.Code Snippet
https://github.com/sherlock-audit/2024-06-new-scope/blob/c8300e73f4d751796daad3dadbae4d11072b3d79/zerolend-one/contracts/core/pool/logic/ReserveLogic.sol#L158-L177
https://github.com/sherlock-audit/2024-06-new-scope/blob/c8300e73f4d751796daad3dadbae4d11072b3d79/zerolend-one/contracts/core/pool/logic/BorrowLogic.sol#L139-L152
Tool used
Manual Review
Recommendation
Duplicate of #413
The text was updated successfully, but these errors were encountered: