Lines of code
https://github.com/code-423n4/2023-07-amphora/blob/daae020331404647c661ab534d20093c875483e1/core/solidity/contracts/core/VaultController.sol#L426
Vulnerability details
Impact
As stated, MAX_INIT_BORROWING_FEE = 0.05e18 denotes the maximum value that may be set as the borrowing fee. However, the owner cannot set the borrowing fee to this maximum.
Proof of Concept
https://github.com/code-423n4/2023-07-amphora/blob/daae020331404647c661ab534d20093c875483e1/core/solidity/contracts/core/VaultController.sol#L426
There is a mistake in the logic of this line: the check uses ">=". As a result, the owner cannot set the borrowing fee to MAX_INIT_BORROWING_FEE, which is not the intended behavior of the protocol.
Instead, it should revert only when _newBorrowingFee exceeds MAX_INIT_BORROWING_FEE.
Tools Used
Manual Review
Recommended Mitigation Steps
Change the line to if (_newBorrowingFee > MAX_INIT_BORROWING_FEE) revert VaultController_FeeTooLarge();
Assessed type
Other
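The boundary behaviour described above, as an added example that is not the Amphora VaultController source: it places the reported ">=" check beside the recommended ">" check and probes both at max - 1, max and max + 1. Only the constant, the error name and the two comparisons come from this report; the contract name, the function names and the uint256 type are assumptions, and access control is omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration, not the project's code. Names other than
// MAX_INIT_BORROWING_FEE and VaultController_FeeTooLarge are hypothetical,
// and the uint256 type is an assumption.
contract BorrowingFeeBoundary {
  error VaultController_FeeTooLarge();

  uint256 public constant MAX_INIT_BORROWING_FEE = 0.05e18;
  uint256 public borrowingFee;

  // Comparison as reported: also rejects the maximum itself.
  function setFeeAsReported(uint256 _newBorrowingFee) external {
    if (_newBorrowingFee >= MAX_INIT_BORROWING_FEE) revert VaultController_FeeTooLarge();
    borrowingFee = _newBorrowingFee;
  }

  // Comparison as recommended: rejects only values above the maximum.
  function setFeeAsRecommended(uint256 _newBorrowingFee) external {
    if (_newBorrowingFee > MAX_INIT_BORROWING_FEE) revert VaultController_FeeTooLarge();
    borrowingFee = _newBorrowingFee;
  }

  // Boundary probe: calls both setters with max - 1, max and max + 1 and
  // records, in that order, which calls were accepted (true) or reverted (false).
  function probe() external returns (bool[3] memory reported, bool[3] memory recommended) {
    uint256[3] memory fees =
      [MAX_INIT_BORROWING_FEE - 1, MAX_INIT_BORROWING_FEE, MAX_INIT_BORROWING_FEE + 1];
    for (uint256 i = 0; i < 3; i++) {
      // try/catch needs an external call, hence `this.`
      try this.setFeeAsReported(fees[i]) { reported[i] = true; } catch {}
      try this.setFeeAsRecommended(fees[i]) { recommended[i] = true; } catch {}
    }
  }
}
```

The two result arrays differ only at the middle index, the maximum itself, which is the case a regression test for this setter should pin down.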