PawelK
medium
No deadline parameter in submitBid function
The submitBid function doesn't contain deadline parameter. If the borrower would submit function, and forget about it, or would be blocked to send the function via griefing attack, or any other reason, he might not call cancelBid function and might get a not favorable deal, because of the volatile market conditions.
Unfavorable loan for the borrower.
function _submitBid(
address _lendingToken,
uint256 _marketplaceId,
uint256 _principal,
uint32 _duration,
uint16 _APR,
string calldata _metadataURI,
address _receiver,
uint256 _deadline // add new parameter
) internal virtual returns (uint256 bidId_) Manual Review
Add deadline field to submitBid, and if the acceptLoan function would be called after it, it should revert.
You could also add that if the user sets deadline to 0, then it lasts until canceled.
It should be up to the borrower to decide what risk of market change condition he is willing to take, and set according to the deadline for the bid.