Closed HardlyDifficult closed 2 years ago
From Cityscape in https://github.com/code-423n4/2022-05-cally-findings/issues/98
Set Limits on setFee() A Malicious owner could set feeRate to = (100 * 1e18) / 100; which would give the entire value of an exercise() transaction to the protocol, create a limit on the fees the owner can set.
https://github.com/code-423n4/2022-05-cally/blob/1849f9ee12434038aa80753266ce6a2f2b082c59/contracts/src/Cally.sol#L119-L121
Dupe of https://github.com/code-423n4/2022-05-cally-findings/issues/48
Issue recreated with script that includes all required data.
From Cityscape in https://github.com/code-423n4/2022-05-cally-findings/issues/98
Set Limits on setFee() A Malicious owner could set feeRate to = (100 * 1e18) / 100; which would give the entire value of an exercise() transaction to the protocol, create a limit on the fees the owner can set.
https://github.com/code-423n4/2022-05-cally/blob/1849f9ee12434038aa80753266ce6a2f2b082c59/contracts/src/Cally.sol#L119-L121