Precision Loss Due to Division Before Multiplication
Summary
The JalaMasterRouter contract demonstrates a precision loss vulnerability due to the order of arithmetic operations in several functions. The contract's logic involves dividing a token's balance by its decimal offset and subsequently multiplying by the same offset. This can lead to truncation of any fractional remainder during the division, potentially resulting in users receiving less than the expected amount of unwrapped tokens.
Vulnerability Detail
Affected Functions
removeLiquidityAndUnwrapToken
Calculation of tokenAReturnAmount and tokenBReturnAmount.
removeLiquidityETHAndUnwrap
Calculation of tokenReturnAmount.
_unwrapAndTransfer (private function)
Calculation of tokenOutReturnAmount.
Please note that line numbers 129, 130, 175, and 312 all perform division before multiplication, which can lead to precision loss due to integer division truncation.
Refactor the affected calculations to perform multiplication before division. This change will preserve the full precision of token amounts during unwrapping operations.
0xAadi
medium
Precision Loss Due to Division Before Multiplication
Summary
The
JalaMasterRouter
contract demonstrates a precision loss vulnerability due to the order of arithmetic operations in several functions. The contract's logic involves dividing a token's balance by its decimal offset and subsequently multiplying by the same offset. This can lead to truncation of any fractional remainder during the division, potentially resulting in users receiving less than the expected amount of unwrapped tokens.Vulnerability Detail
Affected Functions
removeLiquidityAndUnwrapToken
tokenAReturnAmount
andtokenBReturnAmount
.removeLiquidityETHAndUnwrap
tokenReturnAmount
._unwrapAndTransfer
(private function)tokenOutReturnAmount
.Please note that line numbers 129, 130, 175, and 312 all perform division before multiplication, which can lead to precision loss due to integer division truncation.
https://github.com/sherlock-audit/2024-02-jala-swap/blob/030d3ed54214754301154bce0e58ea534100a7e3/jalaswap-dex-contract/contracts/JalaMasterRouter.sol#L129C8-L130C78 https://github.com/sherlock-audit/2024-02-jala-swap/blob/030d3ed54214754301154bce0e58ea534100a7e3/jalaswap-dex-contract/contracts/JalaMasterRouter.sol#L175C8-L175C79 https://github.com/sherlock-audit/2024-02-jala-swap/blob/030d3ed54214754301154bce0e58ea534100a7e3/jalaswap-dex-contract/contracts/JalaMasterRouter.sol#L312
Impact
Users may not receive the full amount of tokens they are entitled to when unwrapping, leading to a loss of funds.
Code Snippet
https://github.com/sherlock-audit/2024-02-jala-swap/blob/030d3ed54214754301154bce0e58ea534100a7e3/jalaswap-dex-contract/contracts/JalaMasterRouter.sol#L129C8-L130C78 https://github.com/sherlock-audit/2024-02-jala-swap/blob/030d3ed54214754301154bce0e58ea534100a7e3/jalaswap-dex-contract/contracts/JalaMasterRouter.sol#L175C8-L175C79 https://github.com/sherlock-audit/2024-02-jala-swap/blob/030d3ed54214754301154bce0e58ea534100a7e3/jalaswap-dex-contract/contracts/JalaMasterRouter.sol#L312
Tool used
Manual Review
Recommendation
Refactor the affected calculations to perform multiplication before division. This change will preserve the full precision of token amounts during unwrapping operations.