This repository has been archived by the owner on Apr 28, 2024. It is now read-only.
AuditorPraise - old borrowing key is used instead of newBorrowingKey when adding old loans to the newBorrowing in LiquidityBorrowingManager.takeOverDebt()
#53
Assignees
Labels
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
High
A valid High severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
Comments
github-actions
bot
added
High
This was referenced Oct 26, 2023
Closed
|
This is an inattention error related to the accelerated development of the project. I think we would have fixed this during testing, but thanks for the hint anyway. We will fix it. |
fann95
added
Sponsor Confirmed
sherlock-admin
changed the title
newBorrowingKey when adding old loans to the newBorrowing in LiquidityBorrowingManager.takeOverDebt()newBorrowingKey when adding old loans to the newBorrowing in LiquidityBorrowingManager.takeOverDebt()
|
Fix looks good. Correct variable is used now |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
AuditorPraise
medium
old borrowing key is used instead of
newBorrowingKeywhen adding old loans to the newBorrowing in LiquidityBorrowingManager.takeOverDebt()Summary
when
_addKeysAndLoansInfo()is called within LiquidityBorrowingManager.takeOverDebt(), old Borrowing Key is used and notnewBorrowingKeysee hereVulnerability Detail
The old borrowing key credentials are deleted in
_removeKeysAndClearStorage(oldBorrowing.borrower, borrowingKey, oldLoans);see hereAnd a new borrowing key is created with the holdToken, saleToken, and the address of the user who wants to take over the borrowing in the
_initOrUpdateBorrowing(). see herenow the old borrowing key whose credentials are already deleted is used to update the old loans in
_addKeysAndLoansInfo()instead of thenewBorrowingKeygenerated in_initOrUpdateBorrowing()see hereImpact
wrong borrowing Key is used (i.e the old borrowing key) when adding old loans to
newBorrowingTherefore the wrong borrowing key (i.e the old borrowing key) will be added as borrowing key for tokenId of old Loans in
tokenIdToBorrowingKeysin _addKeysAndLoansInfo()(i.e when the bug of
update boolbeing false, is corrected, devs should understand :))Code Snippet
https://github.com/sherlock-audit/2023-10-real-wagmi/blob/main/wagmi-leverage/contracts/LiquidityBorrowingManager.sol#L440-L441
Tool used
Manual Review
Recommendation
use newBorrowingKey when calling
_addKeysAndLoansInfo()instead of old borrowing key.The text was updated successfully, but these errors were encountered: