code-423n4 / 2022-09-frax-findings


QA Report #398

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

L-01: Round-off errors in frxETHMinter._submit can lead to loss of funds

Although the amounts we are speaking about are tiny, perhaps consider rounding up when the withholdRatio is set to a non-zero value. Otherwise the possibility exists that when extremely small msg.values are sent, nothing is withheld.

The only check done for msg.value is to see if it is greater than zero on line 88. No other checks are done.

require(msg.value != 0, "Cannot submit 0");

However, msg.value on line 96 is being divided by a constant RATIO_PRECISION, which can lead to a result of zero for withheld_amt.
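The rounding behaviour described in this report, modelled in Python as an added example (it is not part of the original report or of the Frax code base). It assumes the withheld amount is computed as msg.value * withholdRatio / RATIO_PRECISION with truncating division; the values chosen for RATIO_PRECISION and WITHHOLD_RATIO and all function names are constructed for illustration.

```python
"""Model of the withholding arithmetic from L-01 using unbounded integers."""
from typing import Iterable, Optional

# Constructed values; the report does not state either of them.
RATIO_PRECISION = 1_000_000  # assumed fixed-point denominator
WITHHOLD_RATIO = 2_500       # assumed ratio, i.e. 0.25% of each deposit


def withheld_floor(value: int, ratio: int, precision: int = RATIO_PRECISION) -> int:
    """Truncating division, which is what `/` does on unsigned integers in Solidity."""
    return (value * ratio) // precision


def withheld_ceil(value: int, ratio: int, precision: int = RATIO_PRECISION) -> int:
    """Round up: any non-zero deposit with a non-zero ratio withholds at least 1 wei."""
    if ratio > precision:
        raise ValueError("ratio above precision would withhold more than the deposit")
    return (value * ratio + precision - 1) // precision


def min_value_with_withholding(ratio: int, precision: int = RATIO_PRECISION) -> Optional[int]:
    """Smallest deposit for which the truncating form withholds anything at all."""
    if ratio == 0:
        return None  # nothing is ever withheld, so there is no threshold
    return -(-precision // ratio)  # ceil(precision / ratio)


def shortfall(deposits: Iterable[int], ratio: int, precision: int = RATIO_PRECISION) -> int:
    """Wei left unwithheld by per-deposit truncation versus one combined deposit."""
    deposits = list(deposits)
    combined = (sum(deposits) * ratio) // precision
    per_deposit = sum(withheld_floor(d, ratio, precision) for d in deposits)
    return combined - per_deposit


if __name__ == "__main__":
    threshold = min_value_with_withholding(WITHHOLD_RATIO)
    print("deposits below", threshold, "wei withhold nothing when truncating")
    for v in (1, threshold - 1, threshold, threshold + 1):
        print(v, withheld_floor(v, WITHHOLD_RATIO), withheld_ceil(v, WITHHOLD_RATIO))
    print("shortfall over 1000 deposits:", shortfall([threshold - 1] * 1000, WITHHOLD_RATIO))
```
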