search

Cyfrin / 2023-08-sparkn

Other
10 stars 15 forks source link

The variable BASIS_POINTS should be utilized to verify the accuracy of totalPercentage #755

Open codehawks-bot opened 1 year ago

codehawks-bot commented 1 year ago

The variable BASIS_POINTS should be utilized to verify the accuracy of totalPercentage

Severity

Low Risk

Relevant GitHub Links

https://github.com/Cyfrin/2023-08-sparkn/blob/main/src/Distributor.sol#L61

https://github.com/Cyfrin/2023-08-sparkn/blob/main/src/Distributor.sol#L135

Summary

The constant BASIS_POINTS is utilized but not invoked in the totalPercentage verification process.

Impact

The non-utilization of BASIS_POINTS may lead to confusion, as it can be mistaken for a different variable.

Tools Used

Manual code review

Recommendations

The BASIS_POINTS should be used.

-    if (totalPercentage != (10000 - COMMISSION_FEE)) {
+    if (totalPercentage != (BASIS_POINTS - COMMISSION_FEE)) {
wh1t3r05e commented 1 year ago

This issue was marked in my report as valid and duplicated by myself.

I only have one duplicate tag for myself in my report, when it is duplicate two should appear with the same tag.

However, it was not duplicated and nor did it receive a reward.

PatrickAlphaC commented 1 year ago

You don't get punished if you duplicate an issue yourself!

If you don't get awarded for this, could you please raise an issue on the technical issues forum in the discord?