Closed code423n4 closed 11 months ago
https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/4bc8a12b857856828c018510b5500d722b79ca3a/src/PrizePool.sol#L766-L773
The result will be wrong due to division before multiplication precision issues.
This issue is similar to https://github.com/code-423n4/2023-05-ajna-findings/issues/367 Ajna Contest. A good example of this Vulnerability is in the Detector Documentation https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply
All the multiplication should be performed in step 1 and then division at the end.
Math
Picodes marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/4bc8a12b857856828c018510b5500d722b79ca3a/src/PrizePool.sol#L766-L773
Vulnerability details
Impact
The result will be wrong due to division before multiplication precision issues.
Proof of Concept
This issue is similar to https://github.com/code-423n4/2023-05-ajna-findings/issues/367 Ajna Contest. A good example of this Vulnerability is in the Detector Documentation https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply
Recommended Mitigation Steps
All the multiplication should be performed in step 1 and then division at the end.
Assessed type
Math