Closed code423n4 closed 1 year ago
berndartmueller marked the issue as duplicate of #264
berndartmueller changed the severity to QA (Quality Assurance)
This previously downgraded issue has been upgraded by berndartmueller
Due to the lack of a concrete impact besides the mentioning of the rounding issue (in comparison to https://github.com/code-423n4/2023-01-numoen-findings/issues/264) and the overall lack of quality, I'm downgrading this to QA (Low).
berndartmueller marked the issue as not a duplicate
berndartmueller changed the severity to QA (Quality Assurance)
berndartmueller marked the issue as grade-c
Lines of code
https://github.com/code-423n4/2023-01-numoen/blob/main/src/core/Pair.sol#L56 https://github.com/code-423n4/2023-01-numoen/blob/main/src/core/Pair.sol#L57
Vulnerability details
Significant roundoff error in invariant() function
When calculating scale0 and scale1 there is a significant roundoff error due to initial division (division by - uint256 liquidity).
Proof of Concept
https://github.com/code-423n4/2023-01-numoen/blob/main/src/core/Pair.sol#L56
https://github.com/code-423n4/2023-01-numoen/blob/main/src/core/Pair.sol#L57
This FullMath.mulDiv(amount0, 1e18, liquidity) roundoff value again multiplied by 3 times when calculating a, b, c, d . Thats mean if consider calculating a
This cause even worse because roundoff value multiply by another 3 factors so finally its ended up with significant different value which it should be.
Tools Used
Vs code
Recommended Mitigation Steps
Perform all the multiplication first and divide eventually.