
OxTushar - Missing Fallback for Incentives Update will result in Permanent loss of user incentives due to design limitations. #1022

sherlock-admin2 opened this issue Nov 25, 2024

OxTushar

High

Missing Fallback for Incentives Update will result in Permanent loss of user incentives due to design limitations.

Summary

The protocol lacks a fallback mechanism for updating incentives in the event that an updateFunds transaction fails in DebitaIncentives.sol:
https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/DebitaIncentives.sol#L316
If an update to user incentives fails due to collateral not being added from the owner's side, such as unwhitelisted tokens or misconfigurations, users will permanently lose access to their incentives.

Root Cause

The updateFunds function does not provide a way to retry or recover in the event of a failure.
If incentives for users are not updated successfully (e.g., due to unwhitelisted principles or invalid configurations), there is no mechanism to handle or retry the update.

The protocol design enforces a one-time update per transaction, with no reprocessing or corrective measures.
Once an incentive update fails, the associated incentives are effectively lost for the users.

The dependency on manually whitelisting principles or pairs by the owner creates a single point of failure. If a pair is not whitelisted before updateFunds is called, users’ rewards will not be updated.

https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/DebitaIncentives.sol#L405

```solidity
bool validPair = isPairWhitelisted[informationOffers[i].principle][collateral];
if (!validPair) {
    return; // Fails silently, resulting in loss of incentives
}
```

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

Users will lose their earned incentives if the update fails, as the protocol lacks recovery options.

PoC

A malicious or negligent owner fails to whitelist principles or tokens before an updateFunds call.
Incentive updates fail silently, and users are left with no way to recover their rewards.

Mitigation

Implement a fallback for failed updates to allow retries or alternative processing:

```solidity
mapping(bytes32 => bool) public pendingIncentives;

function fallbackUpdateFunds(
    bytes32 failedTxHash,
    address collateral,
    address[] memory lenders,
    address borrower
) external onlyOwner {
    require(pendingIncentives[failedTxHash], "No pending update");
    // Retry the failed update logic here
    pendingIncentives[failedTxHash] = false;
}
```

Validate all required configurations (e.g., whitelisted pairs and tokens) before calling updateFunds:

```solidity
require(
    isPrincipleWhitelisted[principle],
    "Principle not whitelisted"
);
```
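A self-contained sketch of the issue and the proposed mitigation, added here as an illustration and not code from the Debita contracts: the silent-return pattern quoted above beside a variant that queues a skipped update so the owner can replay it after whitelisting the pair. Contract and member names (IncentivesSketch, lentAmount, pending, retryPending, aggregator) are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical simplified sketch, not DebitaIncentives.sol: the silent-return pattern
// from the report beside a variant that queues skipped updates so they can be retried.
contract IncentivesSketch {
    address public owner;
    address public aggregator; // the only caller allowed to report loan activity
    mapping(address => mapping(address => bool)) public isPairWhitelisted; // principle => collateral
    mapping(address => mapping(address => uint256)) public lentAmount;     // principle => lender => amount

    struct Pending { address principle; address collateral; address lender; uint256 amount; }
    Pending[] public pending; // updates skipped because the pair was not yet whitelisted

    constructor(address _aggregator) { owner = msg.sender; aggregator = _aggregator; }
    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }
    modifier onlyAggregator() { require(msg.sender == aggregator, "not aggregator"); _; }

    function whitelistPair(address principle, address collateral, bool ok) external onlyOwner {
        isPairWhitelisted[principle][collateral] = ok;
    }

    // Pattern described in the report: an unwhitelisted pair makes the call return
    // silently, so the lender's activity is never recorded and cannot be recovered later.
    function updateFundsSilent(address principle, address collateral, address lender, uint256 amount) external onlyAggregator {
        if (!isPairWhitelisted[principle][collateral]) return; // nothing recorded, nothing to retry
        lentAmount[principle][lender] += amount;
    }

    // Hardened variant: a skipped update is stored instead of dropped, so the owner can
    // replay it once the pair has been whitelisted.
    function updateFunds(address principle, address collateral, address lender, uint256 amount) external onlyAggregator {
        if (!isPairWhitelisted[principle][collateral]) {
            pending.push(Pending(principle, collateral, lender, amount));
            return;
        }
        lentAmount[principle][lender] += amount;
    }

    // The retry entry point the report asks for: processes one queued update and reverts
    // if the pair is still not whitelisted, so the entry stays in the queue.
    function retryPending(uint256 index) external onlyOwner {
        Pending memory p = pending[index];
        require(isPairWhitelisted[p.principle][p.collateral], "pair still not whitelisted");
        lentAmount[p.principle][p.lender] += p.amount;
        pending[index] = pending[pending.length - 1]; // swap-remove the processed entry
        pending.pop();
    }
}
```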
sherlock-admin3 changed the title from "Sunny Pewter Kookaburra - Missing Fallback for Incentives Update will result in Permanent loss of user incentives due to design limitations." to "OxTushar - Missing Fallback for Incentives Update will result in Permanent loss of user incentives due to design limitations." on Dec 12, 2024