search

hats-finance / Circles-0x6ca9ca24d78af44582951825bef9eadcb210e5cf

Circles Protocol contracts
https://aboutcircles.com
GNU Affero General Public License v3.0
0 stars 0 forks source link

_calculateIssuance : incorrect value is added with `l` when incompleted hours remaining in day B #115

Open hats-bug-reporter[bot] opened 1 week ago

hats-bug-reporter[bot] commented 1 week ago

Github username: -- Twitter username: -- Submission hash (on-chain): 0xf2ab7b565143db11acdbf61abe17f2a1cc9af649a99e53f0436ae87062e173f8 Severity: medium

Description: Description\

the function _calculateIssuance calculates the issuance amounts.

following block of codes we can see.


        // day of current block, dB
        uint256 dB = uint256(day(block.timestamp));

        // the difference of days between dB and dA used for the table lookups
        uint256 n = dB - dA;

        // calculate the number of completed hours in day A until `startMint`
        int128 k = Math64x64.fromUInt((startMint - (dA * 1 days + inflationDayZero)) / 1 hours);

        // Calculate the number of incompleted hours remaining in day B from current timestamp
        int128 l = Math64x64.fromUInt(((dB + 1) * 1 days + inflationDayZero - block.timestamp) / 1 hours + 1);

when calculating the l value, 1 hours should be added. But the current code adds just 1 second.

int128 l = Math64x64.fromUInt(((dB + 1) * 1 days + inflationDayZero - block.timestamp) / 1 hours + 1);

When we see the documentation.

To convert this to attoCRC we can either allocate 1 CRC per completed (clock's) hour, which would result from
the integer division `/ 3600` as mentioned above. In that case we simply have to multiply our previous result
times `EXA = 10**18`. The extra hour gets subtracted because of the integer division to hours, to not overcount
the current incomplete hour:

    β^d * (T(n) - R(n) * k / 3600 - l / 3600 - 1) * EXA` -->> 1 hour deducted.

Attack Scenario\ Incorrect l value comutation which lead to incorrect overcount.

  1. Revised Code File (Optional)

remove the current l calculation and add following two line. this adds the correct hour.

int128 l = Math64x64.fromUInt(((dB + 1) * 1 days + inflationDayZero - block.timestamp) / 1 hours);

l = l + 1;
0xpinky commented 1 week ago

i think its straight forward, will add explanation if needed. wanted to update few things before submission. but missed. will add if needed.

aktech297 commented 1 week ago

I think the correct implementation is correct

benjaminbollen commented 1 week ago

l is in units of one hour

benjaminbollen commented 4 days ago