Lucene search
K

7 matches found

Code423n4
Code423n4
added 2022/04/07 12:0 a.m.10 views

Loan can not be repaid when the BorrowTicket's owner is a contract with no onERC721Received method

Lines of code Vulnerability details In repayAndCloseLoan, after the loan is repaid, the Collateral NFT will safeTransferFrom addressthis to the owner of the BorrowTicket NFT, which is the mintBorrowTicketTo used in createLoan, must implement the onERC721Received method for the safeTransferFrom to...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/07 12:0 a.m.10 views

Using transferFrom on ERC721 tokens

Lines of code Vulnerability details In the function closeLoan of contract NFTLoanFacilitator.sol, the transferFrom keyword is used instead of safeTransferFrom. If the arbitrary sendCollateralTo address is a contract and is not aware of the incoming ERC721 token, the sent token could be locked. I...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/07 12:0 a.m.8 views

Using transferFrom on ERC721 tokens transfer

Lines of code Vulnerability details Impact In the function closeLoan of contract NFTLoanFacilitator, collateral ERC721 token is sent to sendCollateralTo, the transferFrom keyword is used instead of safeTransferFrom. If any sendCollateralTo is a contract and is not aware of incoming ERC721 tokens,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/07 12:0 a.m.9 views

Lend and borrow tickets can be transferred to the NFTLoanFacilitator

Lines of code Vulnerability details Impact Both lend and borrow tickets can be intentionally or accidentally transferred to the NFTLoanFacilitator contract. Since the NFTLoanFacilitator has no mechanism for rescuing these tokens or preventing their transfer, borrowers may be unable to repay,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/07 12:0 a.m.13 views

Malicious users can frontrun borrowers trying to repay loans, causing DoS and possibly a loan default

Lines of code Vulnerability details Impact Attackers can listen for a borrower to call repayAndCloseLoan on a specific loanId, and frontrun their transaction with a call to lend, creating a new loan with an increased amount, causing the borrower's transaction to fail due to the new loanAmount bei...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/07 12:0 a.m.9 views

sendCollateralTo is unchecked in closeLoan(), which can cause user's collateral NFT to be frozen

Lines of code Vulnerability details function closeLoanuint256 loanId, address sendCollateralTo external override notClosedloanId requireIERC721borrowTicketContract.ownerOfloanId == msg.sender, "NFTLoanFacilitator: borrow ticket holder only"; Loan storage loan = loanInfoloanId;...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/06 12:0 a.m.12 views

Lack of Limit on amount Allows Borrowers To Be Extorted For Interest Payments

Lines of code Vulnerability details Impact There is on limit on the upper bounds on the amount a lender may send to a borrower. Borrowers will then be forced to pay interest and facilitators fee on the full amount loaned. The impact for a borrower is that they may be forced to repay significantly...

6.8AI score
Exploits0
Rows per page
Query Builder