VaultBitcoinWallet : charging fee for owner withdrawal render meaningless

[hats-bug-reporter[bot]]

Github username: -- Twitter username: -- Submission hash (on-chain): 0xb820b5646c15fcb2f998ccf433ad2e0556b4073b0088a1ab9375682d56a538f0 Severity: low

Description: Description\

Whenever use make deposit or withdraw, btc token is minted to the owner address.

As discussed with sponser, owner will use this btc token to buyback and burn when they withdraw.

In the current function, when owner withdraw the btc token, after burning the token, protocol fee is charged again to the owner address itself. In this case, always, the owner will left with small amount of btc token.

Impact

Charging fee to owner when they withdraw could render useless. All the btc could not be realised.

Attachments

2. Revised Code File (Optional)

Do not charge if the caller is the owner in withdraw function. The same can be applied with deposit also.

VaultBitcoinWallet.sol#L375-L382

    function withdraw(bytes memory to, uint64 amount, uint64 minReceiveAmount, bytes32 idSeed) public {
        uint64 amountAfterNetworkFee = amount - (BYTES_PER_OUTGOING_TRANSFER * satoshiPerByte);
        require(amountAfterNetworkFee >= minWithdrawalLimit, "AFL");

        uint64 protocolFees = amountAfterNetworkFee * withdrawalFee / 1000;
        if (isExcludedFromFees[msg.sender] || owner() ) { --->> audit update.
            protocolFees = 0;
        }

[aktech297]

Also, other restrictions like minwithdrawal limit can be relaxed for owner.

[aktech297]

@party-for-illuminati pls clarify

[party-for-illuminati]

@party-for-illuminati pls clarify

It isn't an issue, informational at most