HardlyDifficult
commented
2 years ago Closed HardlyDifficult closed 2 years ago
HardlyDifficult
commented
2 years ago 
JeeberC4
commented
2 years ago Issue recreated with script that includes all required data.
From Kenshin in https://github.com/code-423n4/2022-05-cally-findings/issues/174
feeRate Can Be Set to 100% Permalinks https://github.com/code-423n4/2022-05-cally/blob/1849f9ee12434038aa80753266ce6a2f2b082c59/contracts/src/Cally.sol#L120
Description There is no maximum limit on how high the feeRate can be, which might result in a fee rate of 100%, meaning the protocol will collect every ether sent in.
Mitigation It is recommended to add a validation of the acceptable maximum limit for the feeRate variable.