L-01: Round-off errors in frxETHMinter._submit can lead to loss of funds
Although the amount we are speaking about are tiny, perhaps consider rounding up when the withholdRatio is set to a non-zero value. Otherwise the possiblity exists that when extremely small msg.values are sent nothing is withheld.
The only check done for msg.value is to see if it is greater than zero on line 88. No other checks are done
require(msg.value != 0, "Cannot submit 0");
However, msg.value on line 96, is being divided by a constant RATIO_PRECISION which can lead to a result of zero for withheld_amt
L-01: Round-off errors in
frxETHMinter._submit
can lead to loss of fundsAlthough the amount we are speaking about are tiny, perhaps consider rounding up when the
withholdRatio
is set to a non-zero value. Otherwise the possiblity exists that when extremely smallmsg.value
s are sent nothing is withheld.The only check done for
msg.value
is to see if it is greater than zero on line 88. No other checks are doneHowever,
msg.value
on line 96, is being divided by a constantRATIO_PRECISION
which can lead to a result of zero forwithheld_amt