c4-pre-sort
commented
1 year ago 141345 marked the issue as duplicate of #469
Closed c4-submissions closed 12 months ago
c4-pre-sort
commented
1 year ago 141345 marked the issue as duplicate of #469
c4-pre-sort
commented
1 year ago 141345 marked the issue as not a duplicate
c4-pre-sort
commented
1 year ago 141345 marked the issue as insufficient quality report
alex-ppg
commented
12 months ago The Warden has identified a potential precision loss that has not been identified by the bot report.
The potential precision loss is negligible (100 wei) and valueless in most regards, meaning that it will fail to accumulate to a value that is ripe for "rescuing" or "accounting" in terms of gas used. As such, I consider this exhibit to be of overinflated severity and, while a potentially valid QA, a negligible one at that.
c4-judge
commented
12 months ago alex-ppg marked the issue as unsatisfactory: Overinflated severity
c4-judge
commented
11 months ago alex-ppg marked the issue as primary issue
Lines of code
https://github.com/code-423n4/2023-10-nextgen/blob/8b518196629faa37eae39736837b24926fd3c07c/smart-contracts/MinterContract.sol#L429-L433
Vulnerability details
Impact
Multiplication before division can cause loss in precision
Proof of Concept
https://github.com/code-423n4/2023-10-nextgen/blob/8b518196629faa37eae39736837b24926fd3c07c/smart-contracts/MinterContract.sol#L429-L433
In Solidity, integer division might truncate. Performing multiplication before division can sometimes avoid a loss of precision. In this audit, multiple instances were found where division is performed before multiplication in the contract
Tools Used
Recommended Mitigation Steps
Perform multiplication operations before division to preserve the precision of values for non-floating data types.
Assessed type
Math