Description:Description\
In the setAtomDepositFractionOnTripleCreation function of the EthMultiVault contract, there's no check to ensure that the atomDepositFractionOnTripleCreation value is divisible by 3. This could lead to a small amount of ETH being left in the protocol when creating triples, as the value is meant to be equally distributed among three atoms.
Attack Scenario\
While not a direct security vulnerability, this oversight can lead to the following issues:
Small amounts of ETH could accumulate in the protocol over time due to rounding errors.
The actual distribution of ETH to the three atoms in a triple may be slightly uneven.
Over a large number of transactions, this could result in a noticeable discrepancy between expected and actual ETH distribution.
Attachments
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "./EthMultiVault.sol";
contract EthMultiVaultFractionTest {
EthMultiVault public vault;
constructor(address _vaultAddress) {
vault = EthMultiVault(_vaultAddress);
}
function testFractionDivisibility(uint256 newFraction) external {
// Assume this contract has admin rights
vault.setAtomDepositFractionOnTripleCreation(newFraction);
uint256 setFraction = vault.tripleConfig().atomDepositFractionOnTripleCreation;
uint256 remainder = setFraction % 3;
require(remainder == 0, "Fraction not perfectly divisible by 3");
}
}
Revised Code File (Optional)
function setAtomDepositFractionOnTripleCreation(uint256 atomDepositFractionOnTripleCreation) external onlyAdmin {
// Ensure the value is divisible by 3
uint256 adjustedFraction = (atomDepositFractionOnTripleCreation / 3) * 3;
tripleConfig.atomDepositFractionOnTripleCreation = adjustedFraction;
emit AtomDepositFractionUpdated(adjustedFraction);
}
Github username: -- Twitter username: -- Submission hash (on-chain): 0x45af594e37907786efc19eea5046d4b897518936ba6dc1ee0e011e4b1bfa26dd Severity: low
Description: Description\ In the
setAtomDepositFractionOnTripleCreation
function of the EthMultiVault contract, there's no check to ensure that theatomDepositFractionOnTripleCreation
value is divisible by 3. This could lead to a small amount of ETH being left in the protocol when creating triples, as the value is meant to be equally distributed among three atoms.Attack Scenario\
While not a direct security vulnerability, this oversight can lead to the following issues:
Attachments
Revised Code File (Optional)