Submission Details
Severity:
Numbers are truncated during calculation, reducing precision
Summary
Dividing cause numbers to be truncated, reducing calculation precision.
Vulnerability Details
When calculating in the _calculateHealthFactor function, if the ending digit of collateralValueInUsd is 1 (ex. 1001), 1 is truncated during calculation. This can result in a calculation error of $1.
function _calculateHealthFactor(uint256 totalDscMinted, uint256 collateralValueInUsd)
internal
pure
returns (uint256)
{
if (totalDscMinted == 0) return type(uint256).max;
uint256 collateralAdjustedForThreshold = (collateralValueInUsd * LIQUIDATION_THRESHOLD) / LIQUIDATION_PRECISION;
return (collateralAdjustedForThreshold * 1e18) / totalDscMinted;
}
Impact
Calculation precision is reduced.
Tools Used
vscode
Recommendations
Change the order of calculation to avoid truncating numbers. Since LIQUIDATION_PRECISION is 100, instead of dividing by LIQUIDATION_PRECISION, change the multiplication number 1e18 to 1e16.
function _calculateHealthFactor(uint256 totalDscMinted, uint256 collateralValueInUsd)
internal
pure
returns (uint256)
{
if (totalDscMinted == 0) return type(uint256).max;
return (collateralValueInUsd * LIQUIDATION_THRESHOLD * 1e16) / totalDscMinted;
}
Prize pool breakdown
Total prize
15,000 USDC
nSLOC
23664 USDC / LOC
14,000 USDC
1,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.