sherlock-audit / 2024-09-predict-fun-judging


Precise Banana Beetle - In `PredictDotLoan.sol` it is possible that the fees that are sent to the `protocolFeeRecepient` might round down to 0. #341

Closed sherlock-admin3 closed 2 days ago

sherlock-admin3 commented 2 days ago

Precise Banana Beetle

Low/Info

In PredictDotLoan.sol it is possible that the fees that are sent to the protocolFeeRecepient might round down to 0.

Summary

In the function `_transferLoanAmountAndProtocolFee`, the protocol fee calculation can round down to zero when a borrower requests a loan of any amount less than 50.

Root Cause

In the function _transferLoanAmountAndProtocolFee this line calculates the protocol fee that would be sent to the recipient. Below I am sharing the PoC for this. Also note that this case is very likely to happen.

Impact

The protocolFees meant for the `protocolFeeRecipient` round down to zero. Please note that this scenario is very likely to happen, because it is very likely that a borrower will request a loan with such a small amount.

PoC

Suppose a borrower asks for a loan of 50. This is the line that calculates the `protocolFee`:

```solidity
protocolFee = (loanAmount * protocolFeeBasisPoints) / 10_000;
```

The `protocolFeeBasisPoints` can be 200 BPS at max, i.e.:

```solidity
uint256 private constant MAXIMUM_PROTOCOL_FEE_BASIS_POINTS = 200;
```

Assuming the offer is charging the max protocolfeeBps, the calculation would be:

`loanAmount` = 49, `protocolFeeBasisPoints` = 200. The calculation would be -> **49 * 200 / 10,000, which equals 0.98**, which rounds down to 0.

Mitigation

Consider using roundUp div or just simply don't charge fees to the borrow requests where the amount is less than 50.
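
The rounding behaviour described in this report, modelled as an added example that is not part of the submission or the project's code. It compares the truncating formula quoted above with a round-up division and computes, for a given fee rate, the smallest loan amount that yields a non-zero fee. Assumptions: amounts are non-negative integers in the token's smallest unit, Python integers stand in for `uint256`, and the function names are hypothetical.

```python
from typing import List, Optional, Tuple

BPS_DENOMINATOR = 10_000
MAXIMUM_PROTOCOL_FEE_BASIS_POINTS = 200  # constant quoted in the report


def fee_floor(loan_amount: int, fee_bps: int) -> int:
    """Formula quoted in the report; integer division truncates like uint256."""
    return (loan_amount * fee_bps) // BPS_DENOMINATOR


def fee_ceil(loan_amount: int, fee_bps: int) -> int:
    """Round-up division (hypothetical helper for the suggested mitigation)."""
    return (loan_amount * fee_bps + BPS_DENOMINATOR - 1) // BPS_DENOMINATOR


def min_amount_with_fee(fee_bps: int) -> Optional[int]:
    """Smallest loan amount for which fee_floor() returns at least 1."""
    if fee_bps == 0:
        return None  # a zero fee rate never produces a fee
    return -(-BPS_DENOMINATOR // fee_bps)  # ceil(10_000 / fee_bps)


def rounding_table(fee_bps: int, amounts: List[int]) -> List[Tuple[int, int, int]]:
    """Rows of (loan amount, truncated fee, rounded-up fee)."""
    return [(a, fee_floor(a, fee_bps), fee_ceil(a, fee_bps)) for a in amounts]


if __name__ == "__main__":
    bps = MAXIMUM_PROTOCOL_FEE_BASIS_POINTS
    # Constructed sample amounts around the threshold discussed in the report.
    for amount, floor_fee, ceil_fee in rounding_table(bps, [0, 1, 49, 50, 51, 99, 100]):
        print(f"amount={amount:>4}  floor={floor_fee}  ceil={ceil_fee}")
    print("first amount with non-zero truncated fee:", min_amount_with_fee(bps))
```

Rounding up changes the fee by at most one unit per loan and still charges nothing on a zero amount; at lower fee rates the zero-fee range under truncation grows accordingly.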