Beginner FriendlyFoundryDeFiOracle
100 EXP
View results
Submission Details
Severity: medium
Invalid

Missing amount verification in the getCalculatedFee function.

Summary

The variable amount is not conditionally checked for amount > 0 in the getCalculatedFee function, allowing the sender to obtain a fee of 0.

Vulnerability Details

function getCalculatedFee(IERC20 token, uint256 amount) public view returns (uint256 fee) {
//slither-disable-next-line divide-before-multiply
uint256 valueOfBorrowedToken = (amount * getPriceInWeth(address(token))) / s_feePrecision;
//slither-disable-next-line divide-before-multiply
fee = (valueOfBorrowedToken * s_flashLoanFee) / s_feePrecision;
}

If amount = 0 then valueOfBorrowedToken will = 0 => fee = 0.

Impact

The user will not incur any fees

Tools Used

Manual review

Recommendations

Add a condition require(amount > 0, "error")

function getCalculatedFee(IERC20 token, uint256 amount) public view returns (uint256 fee) {
require(amount > 0, "error");
Updates

Lead Judging Commences

0xnevi Lead Judge
over 1 year ago
0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Other

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.