c4-judge
commented
1 year ago GalloDaSballo marked the issue as duplicate of #669
Closed c4-judge closed 1 year ago
c4-judge
commented
1 year ago GalloDaSballo marked the issue as duplicate of #669
c4-judge
commented
1 year ago GalloDaSballo marked the issue as partial-50
Judge has assessed an item in Issue #898 as 2 risk. The relevant finding follows:
Royalty receiver will not get correct royalty as saleprice is not calculated properly https://github.com/code-423n4/2023-04-caviar/blob/main/src/EthRouter.sol#L182 uint256 salePrice = outputAmount / sells[i].tokenIds.length;
Here the salesprice for an nft is calculated by using the above formula. A user might buy different NFTs in different prices. But when above formula is used for calculating the saleprice of an NFT,the NFT may have higher price or lower price than the actual price the user paid to buy it. Due to this royalty receiver will not be receiving the actual amount that they have to receive.