FeeManager::_buildSharesAndTargets could casue a DoS
Summary
In the FeeManager::_buildSharesAndTargets function, there's a potential for creating an attributions configuration where the total share percentage exceeds 100%. This could result in a denial of service (DoS) if the Splits contract reverts due to over-allocation during fee distribution, or it could lead to some referrers not receiving their share of the mintFee because the allocated funds would be insufficient to cover all payouts.
Vulnerability Detail
The main issue is in how the function calculates and then populates the shares array without verifying that the cumulative addition of attributionRevShare values does not surpass 100%. Assume all calculations are correct and we have an attributions.length of 5 and their share percentage is 25%. The total percentage of the shares array is now 125%. This will lead to operational issues.
funkornaut
medium
FeeManager::_buildSharesAndTargets
could casue a DoSSummary
In the
FeeManager::_buildSharesAndTargets
function, there's a potential for creating anattributions
configuration where the total share percentage exceeds 100%. This could result in a denial of service (DoS) if the Splits contract reverts due to over-allocation during fee distribution, or it could lead to some referrers not receiving their share of the mintFee because the allocated funds would be insufficient to cover all payouts.Vulnerability Detail
The main issue is in how the function calculates and then populates the
shares
array without verifying that the cumulative addition ofattributionRevShare
values does not surpass 100%. Assume all calculations are correct and we have anattributions.length
of 5 and their share percentage is 25%. The total percentage of theshares
array is now 125%. This will lead to operational issues.Impact
DoS for minting a Work or Edition.
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/fees/FeeManager.sol#L476-#L496
Tool used
Manual Review Audit Wizard
Recommendation
Ensure that allocations of fees do not exceed 100%