Closed code423n4 closed 1 year ago
https://github.com/GenerationSoftware/pt-v5-vault/blob/b1deb5d494c25f885c34c83f014c8a855c5e2749/src/Vault.sol#L574
yield fee balance is increased incorrectly
Example, when the _yieldFeePercentage is 10% of total transaction So the total fee is calculated is:
(_amountOut FEE_PRECISION) / (FEE_PRECISION - _yieldFeePercentage) - _amountOut = 10/9 _amountOut - _amountOut = 1/9 _amountOut Which is not correct, since the yield fee is (_availableYield _yieldFeePercentage) / FEE_PRECISION; (https://github.com/GenerationSoftware/pt-v5-vault/blob/b1deb5d494c25f885c34c83f014c8a855c5e2749/src/Vault.sol#L845)
manual review
replace fee calculation function to (_amountOut * _yieldFeePercentage) / FEE_PRECISION;
Math
Picodes marked the issue as duplicate of #237
Picodes marked the issue as duplicate of #124
Picodes marked the issue as satisfactory
Picodes marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/GenerationSoftware/pt-v5-vault/blob/b1deb5d494c25f885c34c83f014c8a855c5e2749/src/Vault.sol#L574
Vulnerability details
Impact
yield fee balance is increased incorrectly
Proof of Concept
Example, when the _yieldFeePercentage is 10% of total transaction So the total fee is calculated is:
Tools Used
manual review
Recommended Mitigation Steps
replace fee calculation function to (_amountOut * _yieldFeePercentage) / FEE_PRECISION;
Assessed type
Math