Agree with the finding; due to integer division the rounding can return a 0 there, which can cause issues.
Given the low likelihood of this happening, low severity is proper.
Handle
itsmeSTYJ
Vulnerability details
Impact
If tokensNeeded is 0, it is possible to remove all the funds in the basket, since no tokens are required to pass the balanceOf checks. The chances of this happening are very low; however, it is better to be safe than sorry.
Recommended Mitigation Steps
Add a require statement to check that the numerator (basketAsERC20.totalSupply() * pendingWeights[i] * newRatio) is greater than or equal to the denominator (BASE * BASE). This ensures that the division can never round down to 0, i.e. tokensNeeded can never be 0.
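The rounding path and the recommended require, side by side, as an added illustration that is not the audited project's code: the contract shape, the BASE value of 1e18, the constructor and the function names are assumptions; only the identifiers tokensNeeded, basketAsERC20.totalSupply(), pendingWeights[i], newRatio and BASE come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IERC20 {
    function totalSupply() external view returns (uint256);
    function balanceOf(address account) external view returns (uint256);
}

/// Hypothetical reproduction of the rounding issue; not the audited project's code.
contract TokensNeededExample {
    uint256 public constant BASE = 1e18;   // assumed fixed-point scale
    IERC20 public immutable basketAsERC20; // assumed handle to the basket token
    uint256[] public pendingWeights;       // assumed per-token weights, BASE-scaled

    constructor(IERC20 basket, uint256[] memory weights) {
        basketAsERC20 = basket;
        pendingWeights = weights;
    }

    // Before: whenever totalSupply * weight * newRatio is smaller than
    // BASE * BASE, integer division truncates to 0, so a caller holding no
    // tokens at all still satisfies a later `balanceOf(...) >= tokensNeeded`.
    function tokensNeededUnchecked(uint256 i, uint256 newRatio)
        public view returns (uint256 tokensNeeded)
    {
        tokensNeeded = basketAsERC20.totalSupply() * pendingWeights[i] * newRatio
            / (BASE * BASE);
    }

    // After: the recommended require guarantees numerator >= denominator,
    // so the quotient is at least 1 and tokensNeeded can never be 0.
    function tokensNeededChecked(uint256 i, uint256 newRatio)
        public view returns (uint256 tokensNeeded)
    {
        uint256 numerator = basketAsERC20.totalSupply() * pendingWeights[i] * newRatio;
        uint256 denominator = BASE * BASE;
        require(numerator >= denominator, "tokensNeeded would round down to 0");
        tokensNeeded = numerator / denominator;
    }
}
```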