Closed code423n4 closed 2 years ago
WatchPug
https://github.com/code-423n4/2021-12-amun/blob/98f6e2ff91f5fcebc0489f5871183566feaec307/contracts/basket/contracts/facets/Basket/BasketFacet.sol#L260-L262
totalSupply.mul(annualizedFee).div(10**18).mul(timePassed).div( 365 days );
Can be changed to:
totalSupply.mul(annualizedFee).mul(timePassed).div( 365 days ).div(10**18);
Otherwise, when totalSupply and annualizedFee are smaller numbers, the resulting number can be less than expected due to precision loss.
totalSupply
annualizedFee
Duplicate of #155
0xleastwood
commented
2 years ago 0xleastwood
commented
2 years ago
Handle
WatchPug
Vulnerability details
https://github.com/code-423n4/2021-12-amun/blob/98f6e2ff91f5fcebc0489f5871183566feaec307/contracts/basket/contracts/facets/Basket/BasketFacet.sol#L260-L262
Can be changed to:
Otherwise, when
totalSupplyandannualizedFeeare smaller numbers, the resulting number can be less than expected due to precision loss.