code-423n4 / 2023-11-canto-findings


there is rounding error when price is below 10 #483

Closed c4-submissions closed 11 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-11-canto/blob/335930cd53cf9a137504a57f1215be52c6d67cb3/1155tech-contracts/src/Market.sol#L194-L198

Vulnerability details

Impact

fee will be zero when price is below in get minting price

Proof of Concept

    uint256 public constant NFT_FEE_BPS = 1_000;

    function getNFTMintingPrice(uint256 _id, uint256 _amount) public view returns (uint256 fee) {
        address bondingCurve = shareData[_id].bondingCurve;
        (uint256 priceForOne, ) = IBondingCurve(bondingCurve).getPriceAndFee(shareData[_id].tokenCount, 1);
        fee = (priceForOne * _amount * NFT_FEE_BPS) / 10_000; // @audit if price is < 10, rounding error
    }

From the protocol implementation, the fee will be zero when the price is below 10 because of rounding error, so the user doesn't have to pay a fee for minting and burning NFTs.

Tools Used

manual view

Recommended Mitigation Steps

make sure price is always above 10

Assessed type

Math
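The truncation described in the report above, modelled in Python as an added example (not part of the original submission or of the Canto code base). It assumes Python integers stand in for Solidity `uint256` values with no overflow; the function names and the round-up variant `fee_ceil` are hypothetical, and the sample inputs are constructed.

```python
from fractions import Fraction

NFT_FEE_BPS = 1_000        # constant shown in the report's snippet
BPS_DENOMINATOR = 10_000   # divisor used in the report's snippet


def fee_floor(price_for_one: int, amount: int) -> int:
    """Fee as the snippet computes it: uint256 division truncates toward zero."""
    return (price_for_one * amount * NFT_FEE_BPS) // BPS_DENOMINATOR


def fee_ceil(price_for_one: int, amount: int) -> int:
    """Hypothetical round-up variant (not in the contract or the report)."""
    numerator = price_for_one * amount * NFT_FEE_BPS
    return (numerator + BPS_DENOMINATOR - 1) // BPS_DENOMINATOR


def truncation_loss(price_for_one: int, amount: int) -> Fraction:
    """Exact fee minus truncated fee, in raw units; always in [0, 1)."""
    exact = Fraction(price_for_one * amount * NFT_FEE_BPS, BPS_DENOMINATOR)
    return exact - fee_floor(price_for_one, amount)


def zero_fee_cases(max_price: int, max_amount: int) -> list[tuple[int, int]]:
    """Every (price, amount) in range whose non-zero cost yields a zero fee."""
    return [
        (p, a)
        for a in range(1, max_amount + 1)
        for p in range(1, max_price + 1)
        if fee_floor(p, a) == 0
    ]


if __name__ == "__main__":
    # Constructed sample inputs: raw prices around the threshold of 10.
    for price, amount in [(9, 1), (10, 1), (4, 2), (5, 2), (19, 1)]:
        print(price, amount, fee_floor(price, amount), fee_ceil(price, amount),
              truncation_loss(price, amount))
    print(zero_fee_cases(12, 3))
```

The zero-fee condition is `priceForOne * _amount < 10`, so it depends on the product rather than on the price alone, and the amount lost to truncation in a single call stays below one raw unit.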

c4-pre-sort commented 11 months ago

minhquanym marked the issue as insufficient quality report

minhquanym commented 11 months ago

QA

c4-judge commented 11 months ago

MarioPoneder marked the issue as unsatisfactory: Insufficient proof