sherlock-audit/2024-04-teller-finance-judging

KupiaSec - The interest rate model should be improved in the `LenderCommitmentGroup_Smart`.

Closed this issue · 0 comments

sherlock-admin4 commented

KupiaSec

medium

The interest rate model should be improved in the LenderCommitmentGroup_Smart.

Summary

The interest rate is fixed when the loan is made.

Vulnerability Detail

The interest rate is determined based on the PoolUtilizationRatio when the loan is made.

https://github.com/sherlock-audit/2024-04-teller-finance/blob/main/teller-protocol-v2-audit-2024/packages/contracts/contracts/LenderCommitmentForwarder/extensions/LenderCommitmentGroup/LenderCommitmentGroup_Smart.sol#L757-L771

    function getPoolUtilizationRatio() public view returns (uint16) {
        [...]
        return uint16(  Math.min(   
           getTotalPrincipalTokensOutstandingInActiveLoans()  * 10000  / 
@>         getPoolTotalEstimatedValue() , 10000  ));
    }   
 
    function getMinInterestRate() public view returns (uint16) {
@>      return interestRateLowerBound + uint16( uint256(interestRateUpperBound-interestRateLowerBound).percent(getPoolUtilizationRatio()) );
    }

However, the PoolUtilizationRatio is determined before incrementing totalPrincipalTokensLended.

https://github.com/sherlock-audit/2024-04-teller-finance/blob/main/teller-protocol-v2-audit-2024/packages/contracts/contracts/LenderCommitmentForwarder/extensions/LenderCommitmentGroup/LenderCommitmentGroup_Smart.sol#L336-L382

    function acceptFundsForAcceptBid(
        [...]
@>      require(_interestRate >= getMinInterestRate(), "Invalid interest rate");
        [...]
@>      totalPrincipalTokensLended += _principalAmount;
        [...]
    }

So, a user can borrow total amount of liquidity available in the LenderCommitmentGroup_Smart with the current interest rate which can be very low. Then PoolUtilizationRatio will become very high, but the liquidity providers will recieve interest based on the low interest rate fixed when the loan is made.

Impact

The liquidity providers would receive less interset than expected.

Code Snippet

https://github.com/sherlock-audit/2024-04-teller-finance/blob/main/teller-protocol-v2-audit-2024/packages/contracts/contracts/LenderCommitmentForwarder/extensions/LenderCommitmentGroup/LenderCommitmentGroup_Smart.sol#L757-L771

https://github.com/sherlock-audit/2024-04-teller-finance/blob/main/teller-protocol-v2-audit-2024/packages/contracts/contracts/LenderCommitmentForwarder/extensions/LenderCommitmentGroup/LenderCommitmentGroup_Smart.sol#L336-L382

Tool used

Manual Review

Recommendation

The interest rate model should be improved in the LenderCommitmentGroup_Smart.

Duplicate of #72