Festive Gingham Chameleon
High
A borrower can act as a lender to his own loan, creating a circular loan structure. A borrower could take advantage of the system by effectively lending funds back to themselves using the same collateral, leading to a recursive debt loop. This situation creates an opportunity for protocol manipulation and capital misallocation, potentially exposing the protocol to risk. https://github.com/sherlock-audit/2024-09-predict-fun-dustinhuel2/blob/41e70f9eed3f00dd29aba4038544150f5b35dccb/predict-dot-loan/contracts/PredictDotLoan.sol#L206-L209 Assume proposal.from = lender. The borrower could call acceptLoanOffer() function to receive original collateral tokens.
The contract may not properly restrict borrowers from acting as lenders on their own loan or on loans closely associated with them. This oversight can lead to situations where a borrower loans funds to the original lender, essentially creating a circular loan flow. This self-lending strategy can allow the borrower to continuously extend or manipulate loans without ever properly repaying the original debt.
- Borrower needs to have an outstanding loan with a lender.
- Borrower needs to be able to act as a lender in the system and create a loan offer.
- The borrower creates a loan offer where they lend funds to the original lender or other associated entities using the same or new collateral.
- The borrower’s identity as a lender is not appropriately tracked or restricted, allowing them to loan funds back to the original lender.
- The protocol lacks restrictions that prevent borrowers from acting as lenders on their own loans or loans closely associated with their account.
- Borrower takes out a loan from the lender, securing the loan with collateral.
- Instead of repaying the original loan, the borrower switches roles and acts as a lender within the protocol.
- The borrower then lends funds back to the original lender or to themselves using a different account, creating a new loan backed by the same or new collateral.
- The borrower continues this process, essentially cycling loans back and forth between themselves as both borrower and lender, using the same or new collateral each time. This allows the borrower to extend the loan term indefinitely or manipulate loan terms to their advantage.
- This recursive loan structure can allow the borrower to access capital repeatedly without properly repaying the original loan. The borrower’s debt can snowball while the lender is left without proper repayment.
The borrower can extend their available funds by acting as a lender with the loaned funds, effectively creating a self-lending loop and increasing their liquidity without repaying the original loan, potentially leading to capital misallocation and systemic risks for the protocol and lenders.
No response
Implement a rule that prevents a borrower from acting as a lender on their own loan or any loan involving their collateral. Enforce stricter role separation between lenders and borrowers within the protocol. If a user is currently borrowing, they should not be allowed to lend within the system until their existing loan is repaid or closed.