PawelK
medium
No deadline parameter in createCommitment function
The createCommitment function doesn't contain deadline parameter. If the lender would create commitment a function, and forget about it or would be blocked to send the function via griefing attack, or any other reason, he might not call deleteCommitment function and might get a not favorable deal, because of the volatile market conditions.
Unfavorable loan for the lender.
struct Commitment {
uint256 maxPrincipal;
uint32 expiration;
uint32 maxDuration;
uint16 minInterestRate;
address collateralTokenAddress;
uint256 collateralTokenId;
uint256 maxPrincipalPerCollateralAmount;
CommitmentCollateralType collateralTokenType;
address lender;
uint256 marketId;
address principalTokenAddress;
uint256 deadline; // add new parameter
}Manual Review
Add deadline field to createCommitment, and if the acceptCommitment function would be called after it, it should revert.
You could also add that if the lender sets deadline to 0, then it lasts until canceled.
It should be up to the lender to decide what risk of market change condition he is willing to take, and set according to the deadline for the commitment.