The NatSpec comment states that it should be possible to set the mint fee to 100%, but in practice this is impossible.
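
    /**
     * @notice Sets mint fee
     *
     * @param _mintFee new mint fee specified in basis points
     *
     * @dev The maximum fee that can be set is 10_000 bps, or 100%
     */
    function setMintFee(
      uint256 _mintFee
    ) external override onlyRole(MANAGER_ADMIN) {
      // Reverts when _mintFee equals BPS_DENOMINATOR, so the documented maximum is rejected
      if (_mintFee >= BPS_DENOMINATOR) {
        revert MintFeeTooLarge();
      }
      // ... (the rest of the function is not quoted in the report)
    }
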
Proof of Concept
If MANAGER_ADMIN calls setMintFee(10_000), the transaction reverts, because the condition requires _mintFee to be strictly less than 10_000.
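
A boundary probe for the check described above, as an added example that is not from the report or the project's code base. FeeSetter, setMintFeeStrict, setMintFeeInclusive and BoundaryProbe are hypothetical names, the pragma version is an assumption, and the inclusive variant is only one way to make the bound agree with the comment.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.16; // assumed compiler version

// Illustrative stand-in for the fee setter; not the CashManager contract.
contract FeeSetter {
    uint256 public constant BPS_DENOMINATOR = 10_000;
    uint256 public mintFee;

    error MintFeeTooLarge();

    // Check as quoted in the report: rejects exactly 10_000 bps.
    function setMintFeeStrict(uint256 _mintFee) external {
        if (_mintFee >= BPS_DENOMINATOR) revert MintFeeTooLarge();
        mintFee = _mintFee;
    }

    // Hypothetical variant whose bound matches the documented 100% maximum.
    function setMintFeeInclusive(uint256 _mintFee) external {
        if (_mintFee > BPS_DENOMINATOR) revert MintFeeTooLarge();
        mintFee = _mintFee;
    }
}

// Probes both setters at the documented maximum and one unit either side.
contract BoundaryProbe {
    FeeSetter public target = new FeeSetter();

    // True if the chosen setter accepts `fee`, false if it reverts.
    function accepts(bool strict, uint256 fee) public returns (bool) {
        if (strict) {
            try target.setMintFeeStrict(fee) { return true; } catch { return false; }
        } else {
            try target.setMintFeeInclusive(fee) { return true; } catch { return false; }
        }
    }

    // True only if the strict check rejects 100% and the inclusive one accepts it,
    // while both still accept 9_999 and the inclusive one rejects 10_001.
    function check() external returns (bool) {
        uint256 max = target.BPS_DENOMINATOR();
        return accepts(true, max - 1) && !accepts(true, max)
            && accepts(false, max) && !accepts(false, max + 1);
    }
}
```

Testing the documented maximum together with the values one below and one above it is what exposes a mismatch between a bound stated in a comment and the comparison operator that enforces it.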
Lines of code
https://github.com/code-423n4/2023-01-ondo/blob/f3426e5b6b4561e09460b2e6471eb694efdd6c70/contracts/cash/CashManager.sol#L403-L419
Vulnerability details
Tools Used
Manual review
Recommended Mitigation Steps
Change
to