HardlyDifficult
commented
2 years ago Closed HardlyDifficult closed 2 years ago
HardlyDifficult
commented
2 years ago 
JeeberC4
commented
2 years ago Issue recreated with script that includes all required data.
From hickuphh3 in https://github.com/code-423n4/2022-05-cally-findings/issues/41
L02: Lack of upper bound for feeRate Line References https://github.com/code-423n4/2022-05-cally/blob/1849f9ee12434038aa80753266ce6a2f2b082c59/contracts/src/Cally.sol#L120
Description Fees can be set above 1e18, preventing options from being exercised.
Recommended Mitigation Steps Consider having a hard cap of x% < 100%.
// Eg. cap protocol fee to max 5% require(feeRate_ < 5e16, "feeRate limit exceeded");