The expression uint256 amount = totalAmount * percentages[i] / BASIS_POINTS; may not consistently produce accurate outcomes due to potential truncation and rounding intricacies inherent to integer division and multiplication.
Conducting division between two integers results in an integer outcome, with any fractional components being omitted. This introduces a potential for loss of precision in scenarios where totalAmount * percentages[i] is not evenly divisible by BASIS_POINTS, causing the outcome to be rounded down to the closest integer.
Manual review
Integrate libraries such as SafeMath or to devise more meticulous arithmetic procedures utilizing mechanisms such as fixed-point arithmetic or decimals
Add the following in the code
import "@openzeppelin/contracts/utils/math/SafeMath.sol";
using SafeMath for uint256;
uint256 amount = totalAmount.mul(percentages[i]).div(BASIS_POINTS);
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.