code-423n4 / 2021-12-sublime-findings


Lack Of Precision #26

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

robee

Vulnerability details

This issue is about arithmetic computation that could have been done more precisely. The following are places in the codebase in which you multiplied after the divisions. Doing the multiplications at the start leads to more accurate calculations. This is a list of places in the code where this appears (Solidity file, line number, actual line):

    CreditLine.sol, 450, uint256 _maxPossible = _totalCollateralToken.mul(_ratioOfPrices).div(creditLineConstants[_id].idealCollateralRatio).mul(10**30).div( 
    CreditLine.sol, 870, uint256 currentCollateralRatio = calculateTotalCollateralTokens(_id).mul(_ratioOfPrices).div(currentDebt).mul(10**30).div( 
    CreditLine.sol, 1046, _totalCollateralTokens.mul(uint256(10**30).sub(liquidatorRewardFraction)).div(10**30).mul(_ratioOfPrices).div(10**_decimals) 
    Pool.sol, 907, return _totalCollateralTokens.mul(_ratioOfPrices).div(10**_decimals).mul(uint256(10**30).sub(_fraction)).div(10**30);

ritik99 commented 2 years ago

We're shifting to 1e30 base wherever there are calculations; this ensures we're maintaining sufficient precision. Division before the multiplication is used in places where overflow is a possibility.
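
The trade-off discussed in this thread, as an added example that is not part of the issue or of the project's code: a Python model of uint256 arithmetic that evaluates the operation order of the quoted Pool.sol line against a multiply-first ordering. The input values are constructed, and it is assumed that `.mul` reverts on overflow as SafeMath does.

```python
# Added illustration: models Solidity uint256 arithmetic in Python.
# Assumption: .mul reverts on overflow (SafeMath-style); inputs are constructed.
UINT256_MAX = 2**256 - 1
SCALE = 10**30  # the 1e30 base that appears in the quoted lines


class Overflow(Exception):
    """Stands in for a revert caused by uint256 overflow."""


def mul(a, b):
    c = a * b
    if c > UINT256_MAX:
        raise Overflow(f"{a} * {b} exceeds uint256")
    return c


def div(a, b):
    return a // b  # Solidity integer division truncates


def divide_first(tokens, ratio, decimals, fraction):
    # Same operation order as the quoted Pool.sol line 907.
    scaled = div(mul(tokens, ratio), 10**decimals)
    return div(mul(scaled, SCALE - fraction), SCALE)


def multiply_first(tokens, ratio, decimals, fraction):
    # Every multiplication happens before the first division.
    product = mul(mul(tokens, ratio), SCALE - fraction)
    return div(div(product, 10**decimals), SCALE)


def attempt(fn, *args):
    """Return the result, or the string 'revert' if the model overflows."""
    try:
        return fn(*args)
    except Overflow:
        return "revert"


if __name__ == "__main__":
    small = (19, 10**17, 18, 10**29)      # constructed: 1.9 * 0.9 = 1.71
    large = (10**30, 10**30, 18, 10**29)  # constructed: large operands
    for name, args in (("small", small), ("large", large)):
        print(name, attempt(divide_first, *args), attempt(multiply_first, *args))
```

With the small inputs the divide-first order truncates 1.9 to 1 before applying the 0.9 factor and returns 0, while multiply-first returns 1. With the large inputs only the divide-first order stays inside uint256.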