code-423n4 / 2021-07-sherlock-findings

Confusing exponentiation (10e17) #129

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

0xsanson

Vulnerability details

Impact

The value 10e17 can be confusing, since it is not clear where the exponent 17 comes from (people may ctrl+f or grep the code for other instances of it without results). Indeed, throughout the code the expression 10**18 is used.

Proof of Concept

https://github.com/code-423n4/2021-07-sherlock/blob/main/contracts/facets/Payout.sol#L185

Tools Used

editor

Recommended Mitigation Steps

Better ways of writing it are 1e18 or 10**18.

Evert0x commented 3 years ago

Good point to add some readability.
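
A check for the pattern reported in this issue, as an added example that is not part of the thread or of the Sherlock code base: it scans Solidity source for scientific-notation literals whose mantissa lies outside [1, 10), such as 10e17, and suggests the normalized spelling. The function names and the sample Solidity lines are constructed for illustration.

```python
import re
from decimal import Decimal

# Decimal scientific-notation literal as Solidity writes it (mantissa, e, exponent).
# The lookarounds keep hex literals (0x1e18) and identifiers (a1e5) from matching.
SCI_LITERAL = re.compile(r"(?<![\w.])(\d[\d_]*(?:\.[\d_]+)?)[eE](-?\d+)(?![\w.])")


def canonical(mantissa: str, exponent: str) -> str:
    """Rewrite mantissa * 10^exponent with a mantissa in [1, 10): 10e17 -> 1e18."""
    value = Decimal(mantissa.replace("_", "")).scaleb(int(exponent)).normalize()
    _, digits, exp = value.as_tuple()
    head, tail = str(digits[0]), "".join(map(str, digits[1:]))
    return f"{head}{'.' + tail if tail else ''}e{exp + len(digits) - 1}"


def find_confusing_literals(source: str):
    """Return (line_no, literal, suggestion) for mantissas outside [1, 10)."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        code = line.split("//", 1)[0]  # ignore single-line comments
        for match in SCI_LITERAL.finditer(code):
            mantissa = Decimal(match.group(1).replace("_", ""))
            if mantissa != 0 and not (1 <= mantissa < 10):
                findings.append((line_no, match.group(0), canonical(*match.groups())))
    return findings


# Constructed sample input, not taken from Payout.sol.
SAMPLE = """\
uint256 constant A = 10e17;      // the form reported in this issue
uint256 constant B = 10**18;     // the form used elsewhere in the code
uint256 constant C = 1e18;
uint256 constant D = 0x1e18;     // hex literal, not scientific notation
uint256 constant E = 250e16;
"""

if __name__ == "__main__":
    for line_no, literal, suggestion in find_confusing_literals(SAMPLE):
        print(f"line {line_no}: {literal} -> {suggestion}")
```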