search

hats-finance / Intuition-0x538dbadc50cc87b281cd655f1edbc6ebda02a66a

The smart contracts of the Intuition protocol v1.
https://intuition.systems
Other
0 stars 1 forks source link

Potential for Protocol Surplus Due to Indivisible atomDepositFractionOnTripleCreation #79

Open hats-bug-reporter[bot] opened 2 days ago

hats-bug-reporter[bot] commented 2 days ago

Github username: -- Twitter username: -- Submission hash (on-chain): 0x45af594e37907786efc19eea5046d4b897518936ba6dc1ee0e011e4b1bfa26dd Severity: low

Description: Description\ In the setAtomDepositFractionOnTripleCreation function of the EthMultiVault contract, there's no check to ensure that the atomDepositFractionOnTripleCreation value is divisible by 3. This could lead to a small amount of ETH being left in the protocol when creating triples, as the value is meant to be equally distributed among three atoms.

Attack Scenario\

While not a direct security vulnerability, this oversight can lead to the following issues:

  1. Small amounts of ETH could accumulate in the protocol over time due to rounding errors.
  2. The actual distribution of ETH to the three atoms in a triple may be slightly uneven.
  3. Over a large number of transactions, this could result in a noticeable discrepancy between expected and actual ETH distribution.

Attachments

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "./EthMultiVault.sol";

contract EthMultiVaultFractionTest {
    EthMultiVault public vault;

    constructor(address _vaultAddress) {
        vault = EthMultiVault(_vaultAddress);
    }

    function testFractionDivisibility(uint256 newFraction) external {
        // Assume this contract has admin rights
        vault.setAtomDepositFractionOnTripleCreation(newFraction);

        uint256 setFraction = vault.tripleConfig().atomDepositFractionOnTripleCreation;
        uint256 remainder = setFraction % 3;

        require(remainder == 0, "Fraction not perfectly divisible by 3");
    }
}

  1. Revised Code File (Optional)

    function setAtomDepositFractionOnTripleCreation(uint256 atomDepositFractionOnTripleCreation) external onlyAdmin {
// Ensure the value is divisible by 3
uint256 adjustedFraction = (atomDepositFractionOnTripleCreation / 3) * 3;

tripleConfig.atomDepositFractionOnTripleCreation = adjustedFraction;

emit AtomDepositFractionUpdated(adjustedFraction);
}