code-423n4 / 2024-07-basin-validation


precision loss due to division before multiplication #122

Closed c4-bot-7 closed 3 months ago

c4-bot-7 commented 3 months ago

Lines of code

https://github.com/code-423n4/2024-07-basin/blob/main/src/functions/Stable2.sol#L380

Vulnerability details

Impact

Detailed description of the impact of this finding. Precision loss due to division before multiplication in getBandC.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

    function getBandC(
        uint256 Ann,
        uint256 lpTokenSupply,
        uint256 reserves
    ) private pure returns (uint256 c, uint256 b) {
    @>  c = lpTokenSupply * lpTokenSupply / (reserves * N) * lpTokenSupply * A_PRECISION / (Ann * N);
        b = reserves + (lpTokenSupply * A_PRECISION / Ann);
    }

Tools Used

Recommended Mitigation Steps

Assessed type

Context

nevillehuang commented 3 months ago

Likely Invalid,

8 and #122 lack numerical proof/PoC of how precision loss will have protocol specific impact. Additionally, known issue [L-2] in the automated report.
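An added example, not part of the original thread or the project's code: a Python model of the `c` expression from `getBandC` that measures the truncation from the early division and checks whether a multiply-first ordering would still fit in `uint256`. Python's `//` floors like Solidity's unsigned division; `N = 2`, `A_PRECISION = 100` and every input value are assumptions constructed for illustration.

```python
from fractions import Fraction

UINT256_MAX = 2**256 - 1
N = 2              # assumption: two-token pool
A_PRECISION = 100  # assumption: amplification precision constant

def c_as_written(ann, lp, reserves):
    """c in the order shown in the issue; // truncates like uint256 division."""
    step1 = lp * lp // (reserves * N)   # first division: remainder is dropped
    peak = step1 * lp * A_PRECISION     # largest product after that division
    return peak // (ann * N), max(peak, lp * lp)

def c_multiply_first(ann, lp, reserves):
    """Same formula with every multiplication done before a single division."""
    peak = lp * lp * lp * A_PRECISION
    return peak // (reserves * N * ann * N), peak

def analyse(ann, lp, reserves):
    """Compare both orderings against the exact rational value of c."""
    written, peak_w = c_as_written(ann, lp, reserves)
    reordered, peak_r = c_multiply_first(ann, lp, reserves)
    exact = Fraction(lp**3 * A_PRECISION, reserves * N * ann * N)
    return {
        "as_written": written,
        "multiply_first": reordered,
        "abs_error": reordered - written,
        "rel_error": float((exact - written) / exact),
        "as_written_overflows": peak_w > UINT256_MAX,
        "multiply_first_overflows": peak_r > UINT256_MAX,
    }

# Constructed inputs (ann, lpTokenSupply, reserves); not taken from the protocol.
SAMPLES = {
    "toy": (3, 7, 5),
    "18-decimals": (4000, 10**26 + 12345, 5 * 10**25 + 777),
}

if __name__ == "__main__":
    for name, args in SAMPLES.items():
        print(name, analyse(*args))
```

Because each division floors, the as-written result is never larger than the multiply-first result. The overflow flags show the headroom that reordering would cost under checked `uint256` arithmetic.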