Lines of code
<https://github.com/code-423n4/2023-12-particle/blob/main/contracts/protocol/ParticlePositionManager.sol#L581-L585&gt;

Vulnerability details

Impact

If the protocol updates the loan terms, this will affect existing loans taken under different terms.

Proof of Concept

LOAN_TERM is a guarantee for the lender (liquidity provider) to eventually get their liquidity back. After loan term has passed the lender can cause the loan to be possible to liquidate by claiming their liquidity.

In a similar fashion the borrower is guaranteed (as long as they keep their premium up) to not be liquidated during the LOAN_TERM.

This is enforced in ParticlePositionManager::liquidatePosition:

File: contracts/protocol/ParticlePositionManager.sol

365:                    lien.startTime + LOAN_TERM < block.timestamp))

Since only the startTime of the lien is stored, the LOAN_TERM is read at time of liquidation.

The protocol can change loan term. This would break all the previous agreements between lenders and borrowers. Which could possibly cause unwanted liquidations for borrowers or lenders to be forced to wait longer to get their liquidity back.

Tools Used

Manual audit

Recommended Mitigation Steps

Consider storing the loan term in the lien.

Assessed type

Other

---

The text was updated successfully, but these errors were encountered:

All reactions