Handle
@cmichelio
Vulnerability details
The spec defines the number of LP units to be minted as
units = (P (a B + A b))/(2 A B) * slipAdjustment = P * (part1 + part2) / part3 * slipAdjustments
but the Utils.calcLiquidityUnits function computes ((P * part1) + part2) / part3 * slipAdjustments. The associativity on P * part1 is wrong, and part2 is not multiplied by P.
Impact
The math from the spec is not correctly implemented and could lead to the protocol being economically exploited, as redeeming the minted LP tokens does not result in the initial tokens anymore.
Recommended Mitigation Steps
Fix the equation.
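The gap between the two expressions can be pinned down with exact arithmetic. The following is an added example, not the project's code: it assumes part1 = a*B, part2 = A*b and part3 = 2*A*B (read off the spec formula), that a and b are the deposited amounts, A and B the pool reserves and P the existing LP units, and it takes slipAdjustment as a parameter because the report does not define it.

```python
from fractions import Fraction

def _parts(a, A, b, B):
    # Assumed mapping, read off the spec formula: (aB + Ab) over 2AB.
    return a * B, A * b, 2 * A * B

def spec_units(P, a, A, b, B, slip=Fraction(1)):
    """P * (part1 + part2) / part3 * slipAdjustment, as the spec states."""
    part1, part2, part3 = _parts(a, A, b, B)
    return Fraction(P * (part1 + part2), part3) * slip

def implemented_units(P, a, A, b, B, slip=Fraction(1)):
    """((P * part1) + part2) / part3 * slipAdjustment, as the report describes."""
    part1, part2, part3 = _parts(a, A, b, B)
    return Fraction(P * part1 + part2, part3) * slip

def proportional_mint_ok(units_fn, P=1000, A=10_000, B=20_000, pct=10):
    """Regression property: depositing pct% of both reserves must mint
    pct% of the existing units when slipAdjustment is 1."""
    a, b = A * pct // 100, B * pct // 100
    return units_fn(P, a, A, b, B) == Fraction(P * pct, 100)

if __name__ == "__main__":
    # Constructed sample pool: P=1000 units, reserves A=10000, B=20000,
    # and a deposit of 10% of each reserve.
    args = (1000, 1_000, 10_000, 2_000, 20_000)
    spec, impl = spec_units(*args), implemented_units(*args)
    print("spec units       :", float(spec))
    print("implemented units:", float(impl))
    # The missing amount is exactly (P - 1) * part2 / part3.
    print("shortfall        :", float(spec - impl))
    print("spec passes property       :", proportional_mint_ok(spec_units))
    print("implementation passes check:", proportional_mint_ok(implemented_units))
```

A property check like proportional_mint_ok is the kind of unit test that would flag this class of precedence error before deployment.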