Fees are not in BASIS POINTS

[hats-bug-reporter[bot]]

Github username: @SB-Security Twitter username: SBSecurity_ Submission hash (on-chain): 0xd9a588c7e1b7803d3d0ea6fbd5c0e36aec4d06a09f69afc70aebcf3e5e894110 Severity: low

Description: Description\ WithdrawalFee should be in Basis Points and should be equal to 10000 in VaultBitcoinWallet::withdraw instead of 1000 https://github.com/illumineXswap/xengine-btc/blob/main/packages/contracts/contracts/illuminex/xengine/chains/btc/wallet/VaultBitcoinWallet.sol#L379

Attack Scenario\ When withdrawalFee is changed percentages will be wrong

Attachments

1. Proof of Concept (PoC) File

function withdraw(bytes memory to, uint64 amount, uint64 minReceiveAmount, bytes32 idSeed) public {
  uint64 amountAfterNetworkFee = amount - (BYTES_PER_OUTGOING_TRANSFER * satoshiPerByte);
  require(amountAfterNetworkFee >= minWithdrawalLimit, "AFL");

  uint64 protocolFees = amountAfterNetworkFee * withdrawalFee / 1000;
  if (isExcludedFromFees[msg.sender]) {
      protocolFees = 0;
  }

1. Revised Code File (Optional)

Make all contract fees in basis points (100% = 1e4)

[party-for-illuminati]

Informational