search

code-423n4 / 2023-05-ajna-findings

2 stars 0 forks source link

It is necessary to ensure that the decimal places are 18 #377

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-core/src/RewardsManager.sol#L95-L100 https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-core/src/libraries/internal/Maths.sol#L11

Vulnerability details

Impact

It is necessary to ensure that the decimal places are 18, as all calculations in the Ajna protocol are based on 18 decimal places. Otherwise, it may cause the entire protocol to crash.

Proof of Concept

The calculations in the Maths.sol library are all based on 18 decimal places, and it is very important to ensure this.

Tools Used

VsCode

Recommended Mitigation Steps

    constructor(address ajnaToken_, IPositionManager positionManager_) {
        if (ajnaToken_ == address(0)) revert DeployWithZeroAddress();
        //@audit
        require(IERC20(ajnaToken_).decimals() == 18, 'Ajna token must have 18 decimals');
        ajnaToken = ajnaToken_;
        positionManager = positionManager_;
    }

Assessed type

Decimal

Picodes commented 1 year ago

Ajna token has 18 decimals

c4-judge commented 1 year ago

Picodes marked the issue as unsatisfactory: Invalid