Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DenTonylifer - Incentives will not be updated in updateFunds() function #1001

Open
sherlock-admin2 opened this issue Nov 25, 2024 · 0 comments
Open

DenTonylifer - Incentives will not be updated in updateFunds() function #1001

sherlock-admin2 opened this issue Nov 25, 2024 · 0 comments

Comments

@sherlock-admin2
Copy link

sherlock-admin2 commented Nov 25, 2024
edited by sherlock-admin3
Loading

DenTonylifer

High

Incentives will not be updated in updateFunds() function

Summary

In matchOffersV3(), the function will fail to update incentives, if there is at least one not-whitelisted pair in isPairWhitelisted[informationOffers[i].principle][collateral];.

Root Cause

Link

Lender can create a lend offer with one principal token and many collaterals, and borrower creates an offer with one collateral and many principals. When borrower's offer matches with many lender's offers, there will many pairs of tokens. If some of this pairs were incentivized, incentives for this pairs should be updated. But, for example, if token from the first index in offers[] and collateral token are not whitelisted pair, then updateFunds() function will return:

for (uint i = 0; i < lenders.length; i++) {
            bool validPair = isPairWhitelisted[informationOffers[i].principle][
                collateral
            ];
            if (!validPair) {
                return;
            }

The issue is other pairs in the array may be whitelisted, but incentives for them will not be updated, causing the borrower and lenders to not receive their incentives.

Internal pre-conditions

Some pairs of tokens were not whitelisted. Since which tokens to use is the choice of the borrower and lender, it's not an admin mistake to not whitelist all existing pairs of tokens.
Moreover, the code clearly expects that some pairs might not be whitelisted:

if (!validPair) {
                return;
            }

So it's ok if some pair are not whitelisted, untill it not prevents whitelisted pairs to update and claim incentive tokens.

External pre-conditions

None.

Attack Path

  • Borrower and lenders matches their offers;
  • Pair Lender_1 principal -- collateral is not whitelisted for incentives, but other lender's principal are whitelisted with collateral token and should be updated
  • But they will not be updated, because first pair was not whitelisted.

Impact

Incentives will not be updated for borrower and lenders, leading to loss of incentive tokens.

PoC

No response

Mitigation

for (uint i = 0; i < lenders.length; i++) {
            bool validPair = isPairWhitelisted[informationOffers[i].principle][
                collateral
            ];
            if (!validPair) {
-                return;
+                continue;
            }
@sherlock-admin3 sherlock-admin3 changed the title Dapper Latte Gibbon - Incentives will not be updated in updateFunds() function DenTonylifer - Incentives will not be updated in updateFunds() function Dec 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin2