Open hats-bug-reporter[bot] opened 5 months ago
Github username: -- Twitter username: -- Submission hash (on-chain): 0x94a2804c3b80b5a408670d9b57af5825223cbad7ce333383af33b148b4977e29 Severity: low
Description: Description\ https://github.com/Tokemak/v2-core-hats/blob/74b397ce988a418a1bd02a45716cfc964922be26/src/strategy/LMPStrategy.sol#L733C9-L736C11
uint256 returnExPrice = ( result.baseApr * weightBase / 1e6 + result.feeApr * weightFee / 1e6 + result.incentiveApr * weightIncentive / 1e6 );
which could prone to precision loss instead of dividing separately first do add and multiplication than divide it, Like.
uint256 returnExPrice = ( (result.baseApr * weightBase + result.feeApr * weightFee + result.incentiveApr * weightIncentive) / 1e6 );
This way the calculation will be likely less prone to precision loss during vast calculation.
Attack Scenario\ Describe how the vulnerability can be exploited.
Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)
Github username: -- Twitter username: -- Submission hash (on-chain): 0x94a2804c3b80b5a408670d9b57af5825223cbad7ce333383af33b148b4977e29 Severity: low
Description: Description\ https://github.com/Tokemak/v2-core-hats/blob/74b397ce988a418a1bd02a45716cfc964922be26/src/strategy/LMPStrategy.sol#L733C9-L736C11
which could prone to precision loss instead of dividing separately first do add and multiplication than divide it, Like.
This way the calculation will be likely less prone to precision loss during vast calculation.
Attack Scenario\ Describe how the vulnerability can be exploited.
Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)