Open hats-bug-reporter[bot] opened 1 week ago
The report highlights a design choice that aligns with our protocol's operational model. Here are the key points:
setEntryFee
is intentional. Entry fees affect new users who can decide whether to use the protocol based on the current fees. Conversely, exit fees directly impact existing users' profits, necessitating a notice period.setExitFee
ensures that users are protected from sudden changes that could negatively affect their profits. Entry fees do not have the same impact, as users can choose not to interact with the protocol.In conclusion, the current design effectively balances user protection and operational flexibility. Therefore, this issue is invalid.
Github username: @0x3b33 Twitter username: -- Submission hash (on-chain): 0xa390973948d516fd59e50ea55bdac63ac5e1388a3d57000059a67cdf488822fd Severity: low
Description: Description\
EthMultiVault
'ssetEntryFee
andsetExitFee
both set fees for the vault.However, unlike
setExitFee
,setEntryFee
does not impose any time locks on the change, meaning the fee can be set instantly by the vault admin. Same can be said forsetProtocolFee
.This increases trust assumptions and is generally best avoided.
Attachments\ Make
setEntryFee
the same assetExitFee
, i.e., add the time lock mechanic to it.