reednaa
commented
10 months ago The check is a gas optimisation: If the governance fee is 0 => don't worry about associated logic.
Governance fee is default 0.
Open hats-bug-reporter[bot] opened 10 months ago
reednaa
commented
10 months ago The check is a gas optimisation: If the governance fee is 0 => don't worry about associated logic.
Governance fee is default 0.
Github username: -- Twitter username: 97Sabit Submission hash (on-chain): 0x3d7281573f7522cc131a8e44606498a2f7738e86c5a0d81018b020878d40b42e Severity: low
Description: Description\ There is no protection against setting governance fee and vault fee to zero.
There are two functions involved in setting governance fee -
_setGovernanceFeeandsetGovernanceFee.In both functions, there is no check against setting governance fee to 0.
In the localSwap function,
_collectGovernanceFeefunction was called. If govnerance fee is set to zero, no governance fee will be received by the factory owner when a swap is done.This is because of this check in
_collectGovernanceFee:if (governanceFeeShare != 0)Also, there is no check against setting the _vaultFee to zero.
Though these functions have a specified caller, the fees can still be set to zero.
https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultCommon.sol#L366
https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultCommon.sol#L354
https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultAmplified.sol#L829
https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultCommon.sol#L347
https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultCommon.sol#L371