Omniscia Kanpeki Finance Audit
BorrowManager Manual Review Findings
BorrowManager Manual Review Findings
BMR-01M: Incorrect Repayment of Interest
Type | Severity | Location |
---|---|---|
Logical Fault | Medium | BorrowManager.sol:L408, L414, L418 |
Description:
The repay
function of the contract will always pay back the remaining / full interest of the debt in question, however, in doing so it will cause the interest of the debt to be re-paid if it has been previously extended.
Example:
contracts/managers/BorrowManager.sol
403function _repay (Debt memory debt, bytes32 debtID, uint256 debtRepaid, uint256 collateralToWithdraw) private404{405 Asset memory debtAsset = _getAsset(debt.token);406 ICoordinator coordinator = ICoordinator(_ADDRESSES.coordinator());407
408 uint256 interest = _calcPercentOf(debtRepaid, debt.interestRate);409
410
411 _stakingMgr().decreaseBorrowerExpectedStake(msg.sender, debt.token, debtRepaid);412
413 coordinator.decreaseTokenTotalBorrowed(debt.token, debtRepaid);414 coordinator.increaseTokenCumulativeInterestPaid(debt.token, interest);415
416
417 // interest: borrower -> interest vault418 IERC20(debt.token).safeTransferFrom(msg.sender, debtAsset.vaults.interest, interest);419 // debt (principal): borrower -> deposit vault420 IERC20(debt.token).safeTransferFrom(msg.sender, debtAsset.vaults.deposit, debtRepaid);421
422
423 if (collateralToWithdraw > 0)424 {425 // collateral: collateral vault -> borrower426 IERC20(debt.collateralToken).safeTransferFrom(_getAsset(debt.collateralToken).vaults.collateral, msg.sender, collateralToWithdraw);427 }428
429
430 emit Repay(debtID, msg.sender, debt.token, debtRepaid);431}
Recommendation:
We advise interest to only be paid when it is due as a debt that had been extended should have had its interest cleared.
Alleviation:
The Kanpeki team has stated that this is by design and as such we consider it a null exhibit.