Division before multiplication can cause incorrect calculation causing less tokens being sent to the user
Summary
There can be precision loss because of division before multiplication which can lead to calculation error. It is a basic prevention to do multiplication first and then divison so as to avoid prescision loss.
when part2 is calculated first V0 is multiplied with k and then it is divided by V1 and then it is multiplied by V0 this can cause the value
of part2 to be less than the actual amount because of precision error
Now if the value of part2 is less than actual now if the following calculation is done it can cause some issues
For simplicity actual value of part2 if there hadn't been division before multiplication = 3
But due to above calculation it comes out to be 2
And let's assume bAbs = 4
Then the following will execute
Now bAbs according to the code = 4-2 = 2
Otherwise it would have been 4-3 = 1
so value of bAbs is more as compared to actual(actual mean multiplication first then divison)
then square root is calulated using the following
as from above it can be seen V2 value would be larger than the case when multiplication would be done first and then division
and as Value of V2 is greater than expected , value of V1-V2 comes out to be lesser than expected.
Impact
Causes loss to the users, can also affect the values of bAbs and part2 where there can be case when due to precision loss causes bSig to become false instead it should have been true
Varun_05
high
Division before multiplication can cause incorrect calculation causing less tokens being sent to the user
Summary
There can be precision loss because of division before multiplication which can lead to calculation error. It is a basic prevention to do multiplication first and then divison so as to avoid prescision loss.
Vulnerability Detail
Vulnerability lies in the following function
More specifically in the following line
when part2 is calculated first V0 is multiplied with k and then it is divided by V1 and then it is multiplied by V0 this can cause the value of part2 to be less than the actual amount because of precision error
Now if the value of part2 is less than actual now if the following calculation is done it can cause some issues For simplicity actual value of part2 if there hadn't been division before multiplication = 3 But due to above calculation it comes out to be 2 And let's assume bAbs = 4 Then the following will execute
Now bAbs according to the code = 4-2 = 2 Otherwise it would have been 4-3 = 1 so value of bAbs is more as compared to actual(actual mean multiplication first then divison) then square root is calulated using the following
as you can see we do bAbs*bAbs so this value also gets increased then finally when following is done
as we have taken else case so the value of numerator is bAbs + squareRoot so this shows greater value than the actual
as from above it can be seen V2 value would be larger than the case when multiplication would be done first and then division and as Value of V2 is greater than expected , value of V1-V2 comes out to be lesser than expected.
Impact
Causes loss to the users, can also affect the values of bAbs and part2 where there can be case when due to precision loss causes bSig to become false instead it should have been true
Code Snippet
https://github.com/sherlock-audit/2023-12-dodo-gsp/blob/main/dodo-gassaving-pool/contracts/lib/DODOMath.sol#L159
Tool used
Manual Review
Recommendation
Calculate part2 as follows uint256 part2 = (k (V0) (V0))/ (V1) + (i * (delta));
Duplicate of #116