Modifying the loan term setting can default existing loans #52
Labels
2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug: Something isn't working
M-05
primary issue: Highest quality submission among a set of duplicates
selected for report: This submission will be included/highlighted in the audit report
sponsor acknowledged: Technically the issue is correct, but we're not going to resolve it for XYZ reasons
Lines of code
https://github.com/code-423n4/2023-12-particle/blob/a3af40839b24aa13f5764d4f84933dbfa8bc8134/contracts/protocol/ParticlePositionManager.sol#L365
Vulnerability details
Summary
Protocol admins can modify the loan term settings. This action can inadvertently default existing loans created under different terms.
Impact
Positions in the Particle LAMM protocol are created for a configurable period of time, defined by the LOAN_TERM variable. If the loan exceeds this duration, and the LP owner stops renewals that affect their position, the lien can be liquidated.
https://github.com/code-423n4/2023-12-particle/blob/a3af40839b24aa13f5764d4f84933dbfa8bc8134/contracts/protocol/ParticlePositionManager.sol#L358-L368
The liquidation condition in line 365 does the check using the current value of LOAN_TERM. As the loan term can be updated using updateLoanTerm(), this means that reducing this value may inadvertently cause the liquidation of existing positions that were originally intended for a longer period of time.
Proof of concept
Let's say the current configured loan term in ParticlePositionManager is 2 weeks.
reclaimLiquidity() to stop it from being renewed.
Recommendation
Store the loan term value at the time the position was created in the Lien structure, e.g. in lien.loanTerm. When checking the liquidation condition, calculate the end time using this value to honor the original loan term.
Assessed type
Other
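The recommendation above, sketched as an added Solidity example (not code from the Particle repository or from the original submission). It is a simplified model: only LOAN_TERM, updateLoanTerm(), the Lien struct and lien.loanTerm come from the report, while the contract name, openPosition(), stopRenewal(), the renewalStopped flag and the two isExpired* views are hypothetical stand-ins.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Simplified model written for this example; not the ParticlePositionManager code.
contract LoanTermSnapshotExample {
    struct Lien {
        uint256 startTime;    // when the position was opened
        uint256 loanTerm;     // term in force at that moment (the recommended snapshot)
        bool renewalStopped;  // stands in for the LP having called reclaimLiquidity()
    }

    address public immutable admin;
    uint256 public LOAN_TERM = 2 weeks;
    uint256 public nextLienId;
    mapping(uint256 => Lien) public liens;

    constructor() {
        admin = msg.sender;
    }

    /// Admin setter. With the snapshot in place it only affects liens opened later.
    function updateLoanTerm(uint256 newTerm) external {
        require(msg.sender == admin, "not admin");
        LOAN_TERM = newTerm;
    }

    /// Copies the current global term into the lien at creation time.
    function openPosition() external returns (uint256 lienId) {
        lienId = nextLienId++;
        liens[lienId] = Lien(block.timestamp, LOAN_TERM, false);
    }

    /// Hypothetical helper; access control omitted to keep the model short.
    function stopRenewal(uint256 lienId) external {
        liens[lienId].renewalStopped = true;
    }

    /// Behaviour described in the report: the end time follows the current global,
    /// so lowering LOAN_TERM moves the deadline of liens that already exist.
    function isExpiredUsingGlobalTerm(uint256 lienId) external view returns (bool) {
        Lien storage lien = liens[lienId];
        return lien.renewalStopped && lien.startTime + LOAN_TERM < block.timestamp;
    }

    /// Recommended check: the end time follows the term stored with the lien.
    function isExpiredUsingStoredTerm(uint256 lienId) external view returns (bool) {
        Lien storage lien = liens[lienId];
        return lien.renewalStopped && lien.startTime + lien.loanTerm < block.timestamp;
    }
}
```

In a test that opens a lien, stops renewal, lowers LOAN_TERM to 1 week and advances time by 8 days, the first view returns true while the second keeps returning false until the original 2 weeks have passed.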