Closed HardlyDifficult closed 2 years ago
From BowTiedWardens in https://github.com/code-423n4/2022-05-cally-findings/issues/190
[L-02] Fee in Cally.setFee() should be upper-bounded A malicious owner or owner account compromise can set the fee very high, up to 100%, siphoning all profits from the protocol.
Consider implementing a reasonable upper limit here:
File: Cally.sol 119: function setFee(uint256 feeRate) external onlyOwner { 120: feeRate = feeRate; 121: }
Dupe of https://github.com/code-423n4/2022-05-cally-findings/issues/48
Issue recreated with script that includes all required data.
From BowTiedWardens in https://github.com/code-423n4/2022-05-cally-findings/issues/190
[L-02] Fee in Cally.setFee() should be upper-bounded A malicious owner or owner account compromise can set the fee very high, up to 100%, siphoning all profits from the protocol.
Consider implementing a reasonable upper limit here:
File: Cally.sol 119: function setFee(uint256 feeRate) external onlyOwner { 120: feeRate = feeRate; 121: }