code-423n4 / 2021-04-vader-findings


Fee can be at most 1% and dead code #221

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

@cmichelio

Vulnerability details

The Vader._checkEmission function caps the fee at 1000 = 10%, but the max fee that can be returned from the iUTILS(UTILS).getFeeOnTransfer call is 100.

// returns value between 0 and 100
feeOnTransfer = iUTILS(UTILS).getFeeOnTransfer(
    totalSupply,
    maxSupply
); // UpdateFeeOnTransfer
if (feeOnTransfer > 1000) {
    feeOnTransfer = 1000;
} // Max 10% if UTILS corrupted

Impact

It seems like there is a misunderstanding in whether the fee should be at most 1% (Utils.sol) or 10% (Vader.sol).

Recommended Mitigation Steps

Clarify what the max fee should be and adjust either Utils.getFeeOnTransfer or the Vader._checkEmission cap.
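
The mismatch reported above can be checked with a small model; this is an added example, not part of the original report or of the Vader code base. The linear fee formula, the 10,000 denominator (inferred from "1000 = 10%") and the sample supply figure are assumptions made for illustration.

```python
# Added model of the fee bound mismatch; not Vader's own code.
BPS = 10_000          # inferred from the report: 1000 = 10%
UTILS_MAX_FEE = 100   # report: getFeeOnTransfer returns a value in 0..100
VADER_CAP = 1000      # report: cap applied in Vader._checkEmission


def get_fee_on_transfer(total_supply, max_supply):
    """ASSUMED shape: fee scales linearly with supply, within 0..UTILS_MAX_FEE."""
    if max_supply == 0:
        return 0
    return min(UTILS_MAX_FEE, UTILS_MAX_FEE * total_supply // max_supply)


def check_emission_fee(raw_fee):
    """Mirror the cap from the report; also say whether the cap fired."""
    if raw_fee > VADER_CAP:
        return VADER_CAP, True
    return raw_fee, False


def sweep(max_supply, steps=1000):
    """Walk total_supply from 0 to max_supply and record what the cap sees."""
    highest, cap_hits = 0, 0
    for i in range(steps + 1):
        raw = get_fee_on_transfer(max_supply * i // steps, max_supply)
        fee, capped = check_emission_fee(raw)
        highest = max(highest, fee)
        cap_hits += capped
    return {"highest_fee_bps": highest,
            "highest_fee_pct": highest * 100 / BPS,
            "cap_hits": cap_hits}


def fee_amount(amount, fee_bps):
    """Tokens withheld from a transfer at the given fee."""
    return amount * fee_bps // BPS


if __name__ == "__main__":
    MAX_SUPPLY = 2_000_000 * 10**18          # constructed sample value
    print(sweep(MAX_SUPPLY))                 # cap never fires in normal use
    print(check_emission_fee(5000))          # out-of-range value gets clamped
    print(fee_amount(10_000, UTILS_MAX_FEE), fee_amount(10_000, VADER_CAP))
```

With an in-range UTILS the cap branch is never taken and the effective ceiling is the 1% set by the fee function; the 10% cap only matters if UTILS returns an out-of-range value.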