Users' loan debt can be increased involuntarily by the interest already accrued #2101

Open
codehawks-bot opened this issue Aug 8, 2023 · 1 comment

@codehawks-bot

Users' loan debt can be increased involuntarily by the interest already accrued

Severity

High Risk

Relevant GitHub Links

https://github.com/Cyfrin/2023-07-beedle/blob/main/src/Lender.sol#L355

https://github.com/Cyfrin/2023-07-beedle/blob/main/src/Lender.sol#L420

Summary

A user's loan debt can be increased by the pool lender if they decide to give the loan to another pool.

Vulnerability Details

Lender.sol's giveLoan() gives an already active loan to another pool. The issue arises because the old pool lender's interest and the protocol fees are paid out of the new pool's balance. The issue arises due to the debt of the loan being set to debt + interest + protocol interest.

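```solidity
function giveLoan(
    uint256[] calldata loanIds,
    bytes32[] calldata poolIds
) external {
    // Interest accrued so far (lender share and protocol share) is added to the principal
    uint256 totalDebt = loan.debt + lenderInterest + protocolInterest;

    // ...

    // The loan's debt becomes the capitalized total
    loans[loanId].debt = totalDebt;

    // ...
}
```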

From this point on the user will get charged a higher amount in fees and will need to return a higher amount upon repaying the debt. It is an issue as the user didn't approve of such an act, nor did something wrong (i.e. having a bad collateral ratio to get liquidated). This is outright punishing the user in a manner that the user cannot prevent.

Impact

The user will get charged a higher amount of interest because the debt amount is higher than it is supposed to be. Hence the impact is a direct loss of funds.

Tools Used

Manual Review

Recommendations

Consider re-implementing the loan-giving system in a way that doesn't punish users for mindfully participating in the protocol. Such a debt increase should only happen in a case where the loan gets refinanced due to an auction.

@PatrickAlphaC
Member

The debt here is debt that has already accrued and needs to be included since the new loan might have a different interest rate, etc.
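
The arithmetic behind both the report and the reply, as an added example that is not part of the issue or the Beedle code base. It assumes simple linear interest in basis points with the protocol fee taken out of the interest; the function names, the formula and the sample figures are constructed for illustration.

```python
"""Model of a loan whose accrued interest is rolled into its debt on handover."""

SECONDS_PER_YEAR = 365 * 24 * 60 * 60
BPS = 10_000


def accrued(debt, rate_bps, elapsed, fee_bps):
    """Return (lender_interest, protocol_interest) for one holding period.

    Assumed formula: linear interest, integer division as on-chain math would do.
    """
    interest = rate_bps * debt * elapsed // BPS // SECONDS_PER_YEAR
    fees = fee_bps * interest // BPS
    return interest - fees, fees


def total_owed(debt, rate_bps, fee_bps, periods, capitalize):
    """Amount owed after consecutive holding periods (seconds) at one rate.

    A handover to a new pool happens between periods.
    capitalize=True  : debt = debt + lenderInterest + protocolInterest at each
                       handover, as in the snippet quoted in the report.
    capitalize=False : baseline where the principal stays fixed and accrued
                       interest is only carried alongside it.
    """
    principal, carried = debt, 0
    for elapsed in periods:
        lender_i, protocol_i = accrued(principal, rate_bps, elapsed, fee_bps)
        if capitalize:
            principal += lender_i + protocol_i
        else:
            carried += lender_i + protocol_i
    return principal + carried


if __name__ == "__main__":
    half_year = SECONDS_PER_YEAR // 2
    # Constructed sample: 1,000,000 units borrowed at 10% APR, 10% protocol fee.
    args = (1_000_000, 1_000, 1_000)
    print("owed at handover      :", total_owed(*args, [half_year], True))
    print("1 year, capitalized   :", total_owed(*args, [half_year] * 2, True))
    print("1 year, fixed principal:", total_owed(*args, [half_year] * 2, False))
```

At the moment of handover the amount owed is identical in both modes; the difference appears only in interest charged afterwards, which is computed on the enlarged principal.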
