This is correct, but what is the impact? Decimals are just a convention, so it's not a real issue if 1 USDC = 1e-12 short tokens if it doesn't break anything.
Picodes marked the issue as unsatisfactory: Insufficient proof
Lines of code
https://github.com/prepo-io/prepo-monorepo/blob/3541bc704ab185a969f300e96e2f744a572a3640/apps/smart-contracts/core/contracts/PrePOMarket.sol#L65-L74
Vulnerability details
mint() of PrePOMarket.sol allows the team to mint new short and long tokens in exchange for collateral tokens. Long and short tokens are default ERC20 tokens with 18 decimals, while the collateral ERC20 token uses the decimals of the underlying base token. However, in case the decimals of the collateral is smaller than the amount of decimals of the short/long tokens, the team will have to put up too much collateral for the amount of short/long tokens minted.
For example, if the underlying base token of the collateral ERC20 uses 6 decimals (e.g. USDC), the team will receive only 1e6 short and long tokens for each 1e6 USDC (+- 1USD) deposited.
https://github.com/prepo-io/prepo-monorepo/blob/3541bc704ab185a969f300e96e2f744a572a3640/apps/smart-contracts/core/contracts/PrePOMarket.sol#L65-L74
Impact
The team will pay too much collateral for minting new short and long tokens. As only the team is able to mint new tokens, the impact is considered medium.
Proof of Concept
When using the mint() function of PrePOMarket.sol, the team will have to pay too many tokens in case the decimal amount of the underlying base token is smaller than 18.
Tool Used
Manual Review
Recommended Mitigation Steps
There are multiple solutions for this problem:
- transfer function of Collateral.sol to take into account the token decimals of the underlying base token.
- mint() function to calculate the amount of long and short tokens to mint. This can be done by multiplying _amount with 1e18 and afterwards dividing it by the amount of decimals of the base token.
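The decimal scaling discussed under Recommended Mitigation Steps, written out as an added example that is not code from the report or from the prePO repository. The library and function names are hypothetical, the long/short tokens are assumed to have 18 decimals as the report states, and the code goes beyond the 6-decimal case to cover collateral with more than 18 decimals.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; not code from the prePO repository.
// DecimalScaling, toPositionUnits and toCollateralUnits are hypothetical names.
library DecimalScaling {
    // Long/short tokens use 18 decimals, as stated in the report.
    uint8 internal constant POSITION_DECIMALS = 18;

    // Collateral raw units -> long/short raw units (mint direction).
    // 6-decimal collateral: 1e6 (1.0 collateral) -> 1e18 (1.0 long and 1.0 short).
    function toPositionUnits(uint256 collateralAmount, uint8 collateralDecimals)
        internal pure returns (uint256)
    {
        if (collateralDecimals <= POSITION_DECIMALS) {
            // Exact: multiplication only; 0.8.x reverts on overflow.
            return collateralAmount * uint256(10) ** (POSITION_DECIMALS - collateralDecimals);
        }
        // Collateral has more precision than the position tokens: truncates.
        return collateralAmount / uint256(10) ** (collateralDecimals - POSITION_DECIMALS);
    }

    // Long/short raw units -> collateral raw units (redeem direction).
    function toCollateralUnits(uint256 positionAmount, uint8 collateralDecimals)
        internal pure returns (uint256)
    {
        if (collateralDecimals <= POSITION_DECIMALS) {
            // Truncates: with 6 decimals, anything below 1e12 position units
            // converts to 0 collateral, so callers must decide who keeps the dust.
            return positionAmount / uint256(10) ** (POSITION_DECIMALS - collateralDecimals);
        }
        return positionAmount * uint256(10) ** (collateralDecimals - POSITION_DECIMALS);
    }
}
```

Minting raw units 1:1 needs neither conversion and has no rounding step; normalizing to 18 decimals introduces the truncation shown in the redeem direction.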