sherlock-audit / 2024-03-arrakis-judging

0xrobsol - Missing Check for Manager Fee Limit in _updateParamsChecks Function #84

Closed sherlock-admin4 closed 4 months ago

sherlock-admin4 commented 4 months ago

0xrobsol

medium

Missing Check for Manager Fee Limit in _updateParamsChecks Function

Summary

The _updateParamsChecks function within the smart contract is responsible for validating various parameters during setup. However, it currently lacks a check to ensure that the manager fee does not exceed the maximum allowable limit of 50%.

Vulnerability Detail

The function does not validate the managerFee parameter to ensure it is within the acceptable range. Without this check, there is a risk that the managerFee could be set to an excessively high value, potentially leading to unintended high costs for users and operational risks for the platform.

Impact

Code Snippet

https://github.com/sherlock-audit/2024-03-arrakis/blob/main/arrakis-modular/src/ArrakisStandardManager.sol#L632-L659

Tool used

Manual Review

Recommendation

Add a validation check within the _updateParamsChecks function to ensure that the managerFee does not exceed the maximum allowable limit of 50%.

cu5t0mPeo commented 3 months ago

input error, invalid