Griefing (e.g. no profit motive for an attacker, but damage to the users or the protocol)
Contract fails to deliver promised returns, but doesn't lose value
Description
Brief/Intro
The `withdraw_base()` contains a condition to prevent creation of loans smaller than `base_borrow_min` amount. This limitation can be bypassed, by creating a larger loan (higher than `base_borrow_min` amount) and repaying some portion of it so that the remaining part is lower than `base_borrow_min`.
Vulnerability Details
The `withdraw_base()` method contains the following condition: ``` require( u256::try_from(user_balance.wrapping_neg()) .unwrap() >= storage .market_configuration .read() .base_borrow_min, Error::BorrowTooSmall, ); ``` While it prevents a borrow for taking a too small loan, this check is not present in the `supply_base()`. As a result a user can take a larger loan and then repay immediately back some smaller portion so that the balance will eventually be lower than `base_borrow_min`.
Impact Details
The impact of this issue is that if those position are small enough they may not be worth to cover the gas cost of calling the `absorb()` for those accounts. Hence the collateral will be stuck in the contract as there would be no financial incentive to take out such a small amount. While those amounts are small they can amass over time on multiple accounts, hence the chosen severity is Medium as it falls into griefing category.
References
condition in the `withdraw_base()`: https://github.com/Swaylend/swaylend-monorepo/blob/bbfa0b0840311d0eb0519d2b4fed8bf9d06868cd/contracts/market/src/main.sw#L625
Proof of Concept
Proof of Concept
The PoC presents creation of a debt position of size `1`: ``` #[tokio::test] async fn poc_create_small_loan() { let TestData { wallets, alice, alice_account, bob, bob_account, chad, market, assets, usdc, eth, oracle, price_feed_ids, publish_time, prices, usdc_contract, .. } = setup().await;
