Nice Indigo Squid
High
BorrowOrder can't be created for NFTs in createBorrowOrder() because it assumes all collateral is an ERC20 token.
In createBorrowOrder(), there is a statement that checks the balanceOf of borrowImplementation and compares it with the collateralAmount.
    function createBorrowOrder(
        bool[] memory _oraclesActivated,
        uint[] memory _LTVs,
        uint _maxInterestRate,
        uint _duration,
        address[] memory _acceptedPrinciples,
        address _collateral,
        bool _isNFT,
        uint _receiptID,
        address[] memory _oracleIDS_Principles,
        uint[] memory _ratio,
        address _oracleID_Collateral,
        uint _collateralAmount
    ) external returns (address) {
        ....
        uint balance = IERC20(_collateral).balanceOf(address(borrowOffer));
        require(balance >= _collateralAmount, "Invalid balance");
        ....
    }
A BorrowOrder can be created for ERC20 as well as ERC721 collateral. The problem is that the line shown above assumes the collateral is always an ERC20 token and uses IERC20 to get the balanceOf of borrowOffer. However, the collateral can also be ERC721, and in that case the transaction will revert, causing a DoS.
None
None
Users can create a borrow order for ERC20 as well as ERC721, but when a user tries to create an order for ERC721, the transaction will revert.
Users can't create a borrowOrder for ERC721 tokens, causing a DoS.
No response
Use those lines in an if-else statement:
- uint256 balance = IERC20(_collateral).balanceOf(address(borrowOffer));
- require(balance >= _collateralAmount, "Invalid balance");
+ if (_isNFT) {
+ uint256 balance = IERC721(_collateral).balanceOf(address(borrowOffer));
+ require(balance >= _collateralAmount, "Invalid balance");
+ } else {
+ uint256 balance = IERC20(_collateral).balanceOf(address(borrowOffer));
+ require(balance >= _collateralAmount, "Invalid balance");
+ }
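Review bot: The `_isNFT` branch still only compares a `balanceOf(address)` count against `_collateralAmount` and never references `_receiptID`, so it confirms that borrowOffer holds some number of tokens from the collection, not that it holds the specific token being pledged. Both branches call `balanceOf(address)` and run an identical `require`, differing only in the interface cast, so the split adds no NFT-specific validation. If `_receiptID` identifies the deposited token, the NFT branch would be better written as `require(IERC721(_collateral).ownerOf(_receiptID) == address(borrowOffer), "Invalid balance");`, with the expected value of `_collateralAmount` for NFT orders documented or enforced alongside it.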