In PredictDotLoan.sol, the fee sent to the protocolFeeRecipient can round down to 0.
Summary
In the function _transferLoanAmountAndProtocolFee, the protocol fee calculation can round down to zero when a borrower requests a loan of any amount less than 50.
Root Cause
In the function _transferLoanAmountAndProtocolFee, this line calculates the protocol fee that would be sent to the recipient. Below I am sharing the PoC for this.
Also note that this case is very likely to happen.
Impact
The protocol fee meant for the protocolFeeRecipient rounds down to zero.
Please note that this scenario is very likely to happen, because it is very likely that a borrower will request a loan of such a small amount.
PoC
Suppose a borrower asks for a loan of 50. This is the line that calculates the protocolFee:
protocolFee = (loanAmount * protocolFeeBasisPoints) / 10_000;
The protocolFeeBasisPoints can be at most 200 BPS, i.e.:
uint256 private constant MAXIMUM_PROTOCOL_FEE_BASIS_POINTS = 200;
Assuming the offer is charging the maximum protocol fee BPS, the calculation would be:
loanAmount = 49
protocolFeeBasisPoints = 200
The result is 49 * 200 / 10,000, which equals 0.98 and rounds down to 0.
Mitigation
Consider using round-up division, or simply don't charge fees on borrow requests where the amount is less than 50.
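The round-up option from the mitigation, next to the truncating calculation from the PoC, as an added Solidity example (not code from PredictDotLoan.sol). The library, contract and function names are hypothetical, and the last helper goes beyond the report's 200 BPS case by computing the zero-fee threshold for any fee setting.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration, not code from PredictDotLoan.sol.
/// FeeRounding, feeFloor, feeCeil and minAmountWithNonZeroFee are hypothetical names.
library FeeRounding {
    uint256 internal constant BPS_DENOMINATOR = 10_000;

    /// Same arithmetic as the line quoted in the PoC: truncating division.
    function feeFloor(uint256 loanAmount, uint256 feeBps) internal pure returns (uint256) {
        return (loanAmount * feeBps) / BPS_DENOMINATOR;
    }

    /// Round-up variant: any non-zero product yields a fee of at least 1 unit.
    function feeCeil(uint256 loanAmount, uint256 feeBps) internal pure returns (uint256) {
        uint256 product = loanAmount * feeBps; // checked arithmetic, reverts on overflow
        if (product == 0) return 0;
        return (product - 1) / BPS_DENOMINATOR + 1;
    }

    /// Smallest loanAmount for which feeFloor is non-zero: ceil(10_000 / feeBps).
    function minAmountWithNonZeroFee(uint256 feeBps) internal pure returns (uint256) {
        require(feeBps != 0, "fee disabled");
        return (BPS_DENOMINATOR - 1) / feeBps + 1;
    }
}

contract FeeRoundingCheck {
    function check() external pure {
        // PoC case: 49 * 200 / 10_000 = 0.98, truncated to 0.
        assert(FeeRounding.feeFloor(49, 200) == 0);
        assert(FeeRounding.feeCeil(49, 200) == 1);
        // 50 * 200 / 10_000 = 1 exactly, so both variants agree.
        assert(FeeRounding.feeFloor(50, 200) == 1);
        assert(FeeRounding.feeCeil(50, 200) == 1);
        assert(FeeRounding.minAmountWithNonZeroFee(200) == 50);
        // A lower fee setting widens the zero-fee range: at 1 BPS it is below 10_000.
        assert(FeeRounding.minAmountWithNonZeroFee(1) == 10_000);
        assert(FeeRounding.feeFloor(9_999, 1) == 0);
    }
}
```

Rounding up makes the smallest non-zero fee 1 unit, which on a very small loan is more than the configured basis points; that is the trade-off against the alternative of exempting amounts below the threshold.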
Precise Banana Beetle
Low/Info