Backed Protocol contest - hickuphh3's results

Protocol for peer to peer NFT-Backed Loans.

General Information

Platform: Code4rena

Start Date: 05/04/2022

Pot Size: $30,000 USDC

Total HM: 10

Participants: 47

Period: 3 days

Judge: gzeon

Total Solo HM: 4

Id: 106

League: ETH

Backed Protocol

Researcher Performance

Rank: 11/47

Findings: 1

Award: $497.71

🌟 Selected for report: 0

🚀 Solo Findings: 0

Findings Information

🌟 Selected for report: WatchPug

Also found by: CertoraInc, hickuphh3

Labels

bug
duplicate
2 (Med Risk)
sponsor confirmed

Awards

497.7053 USDC - $497.71

External Links

Lines of code

https://github.com/code-423n4/2022-04-backed/blob/main/contracts/NFTLoanFacilitator.sol#L177

Vulnerability details

Details & Impact

It is possible for the calculated interest rate improvement to be zero if the existing interest rate is low enough (≤ 0.9% with 10% improvement rate). In such cases, lenders can compete to continually buy out each other with the same terms. The borrower will at the very least benefit from having his loan duration reset.

Proof of Concept

Assume a loan of 0.9% interest is specified. Minimum improvement rate is unchanged at 10%.

The minimal rate improvement will be

previousInterestRate * requiredImprovementRate / SCALAR
= 9 * 100 / 1000
= 0

Foundry test:

function testBuyoutSucceedsWithSameTermsForLowInterestRate() public {
  interestRate = 9;
  (, uint256 loanId) = setUpLoanWithLenderForTest(borrower, lender);
  address newLender = address(3);
  setUpLender(newLender);
  vm.startPrank(newLender);

  facilitator.lend(
    loanId,
    interestRate,
    loanAmount,
    loanDuration,
    newLender
  );
}

A common unit of interest rates is basis points. Increase SCALAR to 10_000. Additionally, have interest rates be specified at intervals of 10 = 0.1%.

require(interestRate % 10 == 0, 'NFTLoanFacilitator: interest rate too granular');
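
Added example (not part of the original submission or the Backed code base): a Python model of the truncating division above, listing the non-zero rates at which a buyout with unchanged terms would pass under the current SCALAR, under SCALAR = 10_000 alone, and with the `% 10` check added. The comparison shape in `same_terms_buyout_passes` and the rescaling of the 10% requirement to 1000 / 10_000 are assumptions, and the function names are hypothetical.

```python
# Added illustration; models only the interest-rate arithmetic from the finding.
SCALAR_CURRENT = 1_000     # 1 unit = 0.1%, as in the finding's calculation
SCALAR_PROPOSED = 10_000   # basis points, per the recommendation


def min_rate_improvement(prev_rate: int, required_improvement: int, scalar: int) -> int:
    """previousInterestRate * requiredImprovementRate / SCALAR with uint truncation."""
    return prev_rate * required_improvement // scalar


def same_terms_buyout_passes(prev_rate: int, required_improvement: int, scalar: int) -> bool:
    """Assumed shape of the rate check: new rate must be <= prev - min improvement.

    A new lender offering the unchanged rate passes only when the improvement is 0.
    """
    new_rate = prev_rate
    return new_rate <= prev_rate - min_rate_improvement(prev_rate, required_improvement, scalar)


def rate_allowed_by_mitigation(rate: int) -> bool:
    """The recommended granularity check: interestRate % 10 == 0."""
    return rate % 10 == 0


def exposed_rates(required_improvement: int, scalar: int, max_rate: int,
                  granularity_check: bool = False) -> list[int]:
    """Non-zero rates at which a buyout with unchanged terms would be accepted."""
    return [
        r for r in range(1, max_rate + 1)
        if (not granularity_check or rate_allowed_by_mitigation(r))
        and same_terms_buyout_passes(r, required_improvement, scalar)
    ]


if __name__ == "__main__":
    # Current parameters: 10% improvement is 100 / 1000.
    print("SCALAR=1000:", exposed_rates(100, SCALAR_CURRENT, 1_000))
    # Larger SCALAR alone (10% assumed to become 1000 / 10_000) still truncates below 10.
    print("SCALAR=10000, no granularity check:", exposed_rates(1_000, SCALAR_PROPOSED, 10_000))
    # Both recommended changes together.
    print("SCALAR=10000 with % 10 check:", exposed_rates(1_000, SCALAR_PROPOSED, 10_000, True))
```

Raising SCALAR on its own only moves the truncation window; the granularity check is what removes the rates that round down to a zero improvement.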

#0 - wilsoncusack

2022-04-08T01:10:17Z

#80 will be canonical here

#1 - gzeoneth

2022-04-15T13:04:02Z

Duplicate #80
