Small Shamrock Rook
Medium
borrowRateMaxMantissa is incorrectly configured for Arbitrum mainnet, enabling absurdly high borrow rates
The borrowRateMaxMantissa constant variable’s value has been taken from Compound, but not updated to work on other chains (Arbitrum, Base), allowing for incorrectly high borrow rates.
borrowRateMaxMantissa in CTokenStorage is a constant variable that is set to prevent interest rates from being absurdly high.
During interest accrual:
require(
borrowRateMantissa <= borrowRateMaxMantissa,
"borrow rate is absurdly high"
);It represents the maximum borrow rate per block. It’s currently hardcoded to 0.0005e16, but this is only valid for ETH mainnet’s block time (forked from Compound).
Since Numa protocol will be deployed on Arbitrum, with an average block time of 0.25s, this rate of 0.0005e16 per block corresponds to a much higher APY than it does on ETH mainnet.
On ETH, with a block time of 12s, the max borrow APR is 0.0005% * (365 * 24 * 3600)/12 = 1314%
However on Arbitrum, with a block time of 0.25s, the max borrow APR is 0.0005% * (365 * 24 * 3600) / 0.25 = 63072%
Deploy on arbitrum
No response
No response
The max borrow rate is absurdly high and this is not prevented, as it should be.
No response
Set borrowRateMaxMantissa based on the chain id, or have a setter function for it.