Werid edge case that causes flutters not to work like the whitepaper says
Summary
the protocol should use <= because if the collateral factor is 14.25 then it will move to the next flutter will the whitepaper says only after its higher than 14.25 collateral factor is should move that is what the
Whitepaper says.
Vulnerability Detail
The current flutter level is determined as total collateralization level of
USSD, e.g. first flutter is 0.25x + 2x + 2x + 10x = 14.25x. If collateralization
factor is higher this value, then proportion is switched to the next flutter.
The code does
for (flutter = 0; flutter < flutterRatios.length; flutter++) {
if (cf < flutterRatios[flutter]){
break;
}
// if cf=14.25 < 14.25 it will move on to 28.35 flutter when it should of keep //the same flutter only when higher then the value move on
It will cause collateral to be shifted weirdly when their wrong flutter amounts for the wrong collateralFactor
Impact
Code Snippet
Tool used
Manual Review
Recommendation
make it <= so it doesn't get the wrong collateral for wrong flutters ratios
simon135
high
Werid edge case that causes flutters not to work like the whitepaper says
Summary
the protocol should use <= because if the collateral factor is 14.25 then it will move to the next flutter will the whitepaper says only after its higher than 14.25 collateral factor is should move that is what the Whitepaper says.
Vulnerability Detail
The current flutter level is determined as total collateralization level of USSD, e.g. first flutter is 0.25x + 2x + 2x + 10x = 14.25x. If collateralization factor is higher this value, then proportion is switched to the next flutter. The code does
It will cause collateral to be shifted weirdly when their wrong flutter amounts for the wrong collateralFactor
Impact
Code Snippet
Tool used
Manual Review
Recommendation
make it <= so it doesn't get the wrong collateral for wrong flutters ratios