Set Limits on setFee() - Githubissues

code-423n4 / 2022-05-cally-findings

2 stars 0 forks source link

Set Limits on setFee() #315

Closed HardlyDifficult closed 2 years ago

HardlyDifficult commented 2 years ago

From Cityscape in https://github.com/code-423n4/2022-05-cally-findings/issues/98

Set Limits on setFee() A Malicious owner could set feeRate to = (100 * 1e18) / 100; which would give the entire value of an exercise() transaction to the protocol, create a limit on the fees the owner can set.

https://github.com/code-423n4/2022-05-cally/blob/1849f9ee12434038aa80753266ce6a2f2b082c59/contracts/src/Cally.sol#L119-L121

HardlyDifficult commented 2 years ago

Dupe of https://github.com/code-423n4/2022-05-cally-findings/issues/48

JeeberC4 commented 2 years ago

Issue recreated with script that includes all required data.