Closed sherlock-admin2 closed 2 weeks ago
Special Mercurial Elk
Low/Info
For low values of _amount and protocolFee, a user can call createDistribution() avoiding paying fees to protocol
_amount
protocolFee
createDistribution()
In GammaRewarder.sol:125 fee amount calculation does not consider that if _amount * protocolFee is < BASE_9, then fee is zero
GammaRewarder.sol:125
_amount * protocolFee
BASE_9
fee
https://github.com/sherlock-audit/2024-10-gamma-rewarder/blob/main/GammaRewarder/contracts/GammaRewarder.sol#L125
none
let's say that protocolFee = 10**7 (1%)
protocolFee = 10**7
createDistribution
I know amount is very very low, but a script could automate this and protocol could loose funds from taxes
No response
// require amount to distribute meets the minimum to be taxed require(_amount protocolFee >= BASE_9, "..."); uint256 fee = _amount protocolFee / BASE_9;
Special Mercurial Elk
Low/Info
user can create a Distribution with fee = 0
Summary
For low values of
_amountandprotocolFee, a user can callcreateDistribution()avoiding paying fees to protocolRoot Cause
In
GammaRewarder.sol:125fee amount calculation does not consider that if_amount * protocolFeeis <BASE_9, thenfeeis zerohttps://github.com/sherlock-audit/2024-10-gamma-rewarder/blob/main/GammaRewarder/contracts/GammaRewarder.sol#L125
Internal pre-conditions
none
External pre-conditions
none
Attack Path
let's say that
protocolFee = 10**7(1%)_amountwould be 99createDistributionwith_amount== 99 and avoid taxesImpact
I know amount is very very low, but a script could automate this and protocol could loose funds from taxes
PoC
No response
Mitigation
// require amount to distribute meets the minimum to be taxed require(_amount protocolFee >= BASE_9, "..."); uint256 fee = _amount protocolFee / BASE_9;