Profits are calculated incorrectly when a user is in profit.
Summary
The protocol makes sure to maximize users losses and minimize users profits this is done when calculating the PNL of a user with the _profitLoss() function.
Vulnerability Detail
in the event that PNL is negative they make sure to round towards a larger loss by subtracting 1, but this does not work when the user is in profit as they are already getting rounded down since solidity always round towards zero the users profit will be rounded down and then get subtracted one leaving the user with less profit than they should have had.
Check if the user is in profit or loss and handle the cases separately, if the user is in profit do not subtract one and if the user is in loss subtract one.
GoSlang
medium
Profits are calculated incorrectly when a user is in profit.
Summary
The protocol makes sure to maximize users losses and minimize users profits this is done when calculating the PNL of a user with the
_profitLoss()
function.Vulnerability Detail
in the event that PNL is negative they make sure to round towards a larger loss by subtracting 1, but this does not work when the user is in profit as they are already getting rounded down since solidity always round towards zero the users profit will be rounded down and then get subtracted one leaving the user with less profit than they should have had.
https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/libraries/PerpMath.sol#L175-L184
Impact
User that are in profit get rounded down and subtracted one instead of just getting rounded down leading to loss of funds for the user.
Code Snippet
Tool used
Manual Review
Recommendation
Check if the user is in profit or loss and handle the cases separately, if the user is in profit do not subtract one and if the user is in loss subtract one.
Duplicate of #286