15,000 USDC
View results
Submission Details
Severity: low
Valid

Numbers are truncated during calculation, reducing precision

Summary

Dividing cause numbers to be truncated, reducing calculation precision.

Vulnerability Details

When calculating in the _calculateHealthFactor function, if the ending digit of collateralValueInUsd is 1 (ex. 1001), 1 is truncated during calculation. This can result in a calculation error of $1.

function _calculateHealthFactor(uint256 totalDscMinted, uint256 collateralValueInUsd)
internal
pure
returns (uint256)
{
if (totalDscMinted == 0) return type(uint256).max;
uint256 collateralAdjustedForThreshold = (collateralValueInUsd * LIQUIDATION_THRESHOLD) / LIQUIDATION_PRECISION;
return (collateralAdjustedForThreshold * 1e18) / totalDscMinted;
}

https://github.com/Cyfrin/2023-07-foundry-defi-stablecoin/blob/d1c5501aa79320ca0aeaa73f47f0dbc88c7b77e2/src/DSCEngine.sol#L324-L332

Impact

Calculation precision is reduced.

Tools Used

vscode

Recommendations

Change the order of calculation to avoid truncating numbers. Since LIQUIDATION_PRECISION is 100, instead of dividing by LIQUIDATION_PRECISION, change the multiplication number 1e18 to 1e16.

function _calculateHealthFactor(uint256 totalDscMinted, uint256 collateralValueInUsd)
internal
pure
returns (uint256)
{
if (totalDscMinted == 0) return type(uint256).max;
return (collateralValueInUsd * LIQUIDATION_THRESHOLD * 1e16) / totalDscMinted;
}

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.