J4de
medium
File: TellerV2.sol
560 function claimLoanNFT(uint256 _bidId)
561 external
562 acceptedLoan(_bidId, "claimLoanNFT")
563 whenNotPaused
564 {
565 // Retrieve bid
566 Bid storage bid = bids[_bidId];
567
568 address sender = _msgSenderForMarket(bid.marketplaceId);
569 require(sender == bid.lender, "only lender can claim NFT");
570 // mint an NFT with the lender manager
571 lenderManager.registerLoan(_bidId, sender);
572 // set lender address to the lender manager so we know to check the owner of the NFT for the true lender
573 bid.lender = address(lenderManager);
574 }After the loan is initiated, the lender can call claimLoanNFT function to convert the debt to NFT and sell it on the secondary market. The problem here is that the claimLoanNFT function should not be affected by the pause.
According to the design of the contract, the pause should just stop opening new loans and not affect the loans that have already started. Therefore, it should be possible to call claimLoanNFT function to convert the NFT at a pause when the loan has already been initiated.
Imagine the following two scenarios:
- Most people lenders don't call the
claimLoanNFTfunction after starting a loan (who wants to pay an extra gas fee?), when they need money urgently, they find that the Teller market has paused, and they can't sell their debt. - A very small number of lenders call the
claimLoanNFTfunction after starting the loan, and these lenders are free to trade their debts without being affected by the pause.
If my understanding is correct, in the first scenario the lender's debt transaction is frozen. If it's the way it's designed to be, then the lender in the second scenario can bypass this design, which is also a medium problem.
Lender's debt transactions frozen.
Manual Review
It is recommended that the claimLoanNFT function is not affected by pause.