code-423n4 / 2021-11-badgerzaps-findings


MAX_FEE Is Not Correct #32

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

Meta0xNull

Vulnerability details

Impact

MAX_FEE = 10_000

Seems like a typo because 10_000 is not a number and will break function calcMint()

Proof of Concept

https://github.com/Badger-Finance/badger-ibbtc-utility-zaps/blob/a5c71b72222d84b6414ca0339ed1761dc79fe56e/contracts/SettToRenIbbtcZap.sol#L48

https://github.com/Badger-Finance/badger-ibbtc-utility-zaps/blob/a5c71b72222d84b6414ca0339ed1761dc79fe56e/contracts/SettToRenIbbtcZap.sol#L214-L238

Tools Used

Manual Review

Recommended Mitigation Steps

Set MAX_FEE = 10000 or MAX_FEE = 1000, depending on the design.

GalloDaSballo commented 2 years ago

The warden may be unfamiliar with this syntax: 10_000 == 10000. They are the same value, just a visual aid.

0xleastwood commented 2 years ago

Agree with sponsor, marking issue invalid.
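As an added example (not code from the Badger repository and not written by any participant in this thread), the following minimal Solidity contract shows that the underscore in `10_000` is only a digit separator and illustrates how a basis-point `MAX_FEE` is commonly used to bound a fee parameter. The contract name `FeeLiteralDemo`, the `feeBps` parameter and the `netOfFee` function are hypothetical names chosen for the illustration; they are not the zap contract's own.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example, not code from badger-ibbtc-utility-zaps.
// Demonstrates that an underscore in a numeric literal does not change
// its value, and how a basis-point MAX_FEE bounds a fee setting.
contract FeeLiteralDemo {
    // 10_000 and 10000 are the same literal: 100% expressed in basis points.
    uint256 public constant MAX_FEE = 10_000;

    // Compile-time check: the underscore is purely visual.
    bool public constant SAME_VALUE = (10_000 == 10000);

    // Hypothetical fee parameter in basis points (1 bp = 0.01%).
    uint256 public feeBps;

    constructor(uint256 _feeBps) {
        // A fee above 100% would make fee > amount; reject it at deployment.
        require(_feeBps <= MAX_FEE, "fee exceeds MAX_FEE");
        feeBps = _feeBps;
    }

    // Amount remaining after the fee: fee = amount * feeBps / MAX_FEE.
    // Because feeBps <= MAX_FEE, fee <= amount and the subtraction cannot revert.
    function netOfFee(uint256 amount) external view returns (uint256) {
        uint256 fee = (amount * feeBps) / MAX_FEE;
        return amount - fee;
    }
}
```

Deploying with `_feeBps = 50` and calling `netOfFee(1_000_000)` returns 995000 (a 0.5% fee), and `SAME_VALUE` reads `true`; if `MAX_FEE` were meant to be 1000 (tenths of a percent) the same literal would simply be written `1_000`, which is the design question the recommended mitigation raises rather than a syntax problem.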