Lines of code
https://github.com/code-423n4/2024-06-krystal-defi/blob/f65b381b258290653fa638019a5a134c4ef90ba8/src/Common.sol#L668-L682
Vulnerability details
Impact
All main functionality risks reverting with tokens that revert on zero value transfers, via a transfer in Common._deductFees().
Proof of Concept
In Common._deductFees(), if 0 < params.feeX64 * params.amountX < Q64 then feeAmountX = 0. In this case the SafeERC20.safeTransfer() reverts on a token which reverts on zero transfers.
_deductFees() is used throughout the functionality of V3Automation and V3Utils.
Recommended Mitigation Steps
    if (feeAmount0 > 0) {
        SafeERC20.safeTransfer(IERC20(params.token0), FEE_TAKER, feeAmount0);
    }
etc.
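A minimal reproduction of the failure mode and of the guard, added here as an example and not taken from the project's Common.sol. ZeroRevertToken and FeeHarness are hypothetical contracts, and the fee formula floor(amount * feeX64 / 2^64) is an assumption about how the Q64 fee is computed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed token for the example: rejects zero-value transfers,
// which is the token behaviour the report is concerned with.
contract ZeroRevertToken {
    mapping(address => uint256) public balanceOf;

    constructor(uint256 supply) {
        balanceOf[msg.sender] = supply;
    }

    function transfer(address to, uint256 value) external returns (bool) {
        require(value > 0, "zero transfer");
        balanceOf[msg.sender] -= value;
        balanceOf[to] += value;
        return true;
    }
}

// Hypothetical harness, not the project's code.
contract FeeHarness {
    uint256 internal constant Q64 = 2 ** 64;
    address public immutable feeTaker;
    ZeroRevertToken public immutable token;

    constructor(address _feeTaker) {
        feeTaker = _feeTaker;
        token = new ZeroRevertToken(1e18); // harness holds the supply
    }

    // Assumed fee formula: floor(amount * feeX64 / 2^64).
    // The result is 0 whenever 0 < amount * feeX64 < Q64.
    function feeOf(uint256 amount, uint64 feeX64) public pure returns (uint256) {
        return (amount * feeX64) / Q64;
    }

    // Unguarded path: the whole call reverts when the fee rounds to zero.
    function deductUnguarded(uint256 amount, uint64 feeX64) external returns (uint256 fee) {
        fee = feeOf(amount, feeX64);
        token.transfer(feeTaker, fee);
    }

    // Guarded path: skip the transfer when there is nothing to send.
    function deductGuarded(uint256 amount, uint64 feeX64) external returns (uint256 fee) {
        fee = feeOf(amount, feeX64);
        if (fee > 0) token.transfer(feeTaker, fee);
    }
}
```

With the constructed value feeX64 = 184467440737095516 (about 1%) and amount = 99, the product is below 2^64, so deductUnguarded reverts while deductGuarded completes with a fee of 0.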
Assessed type
ERC20