The vulnerability revolves around an exploitable mint fee calculation in the SmartVaultV3::mint() function. The current formula allows users to execute multiple low-value minting transactions with zero fees, particularly when the mint fee rate is set at a percentage and the transaction amount falls below a certain threshold. This loophole not only results in no minting fees being collected for the protocol but also has the potential to disincentivize stakers who rely on borrowing fees for rewards.
The issue arises in the SmartVaultV3::mint() function, where the mint fee is calculated using the following formula:
For example, when the mintFeeRate is 500 (0.5%), which is the value used in the test scenarios, the fee is zero if the _amount is less than 200 Euro, and at 200 Euro the fee starts at 1 Euro. A similar formula is used in other functions such as SmartVaultV3::burn() and SmartVaultV3::swap().
This vulnerability enables a user to perform multiple low-value minting transactions with zero fees instead of a single transaction with a larger amount. Consequently, this could lead to a scenario where there are no minting fees collected for the protocol. Additionally, the disincentivization of stakers, who derive rewards from borrowing fees, is a significant consequence.
Manual inspection
To address this issue, it is recommended to modify the fee calculation formula so that the fee is never zero, whatever the amount. Consider implementing a threshold for fees, even allowing fee amounts of less than one Euro, to maintain a balanced and incentivized protocol.
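The rounding behaviour described above and one possible fix, as an added example that is not code from the report or the project. BigInt division models Solidity's truncating integer division. The denominator 100000 is an assumption inferred from "500 (0.5%)", and the function names and the round-up variant are hypothetical illustrations of the recommendation.

```javascript
// Added illustration; BigInt division truncates like Solidity uint256 division.
const MINT_FEE_RATE = 500n;  // from the report: 500 = 0.5%
const HUNDRED_PC = 100000n;  // assumption: denominator implied by 500 = 0.5%

// Truncating fee: the behaviour the report describes (zero below 200 units).
function feeFloor(amount) {
  return (amount * MINT_FEE_RATE) / HUNDRED_PC;
}

// Hypothetical mitigation: round up, so any non-zero amount pays at least 1 unit.
function feeCeil(amount) {
  if (amount === 0n) return 0n;
  return (amount * MINT_FEE_RATE + HUNDRED_PC - 1n) / HUNDRED_PC;
}

// Total fee collected when `total` is minted in transactions of size `chunk`.
function totalFee(total, chunk, feeFn) {
  if (chunk <= 0n) throw new RangeError("chunk must be positive");
  let fee = 0n;
  for (let left = total; left > 0n; left -= chunk) {
    fee += feeFn(left < chunk ? left : chunk);
  }
  return fee;
}

// Compare one large mint against the same total split into small mints.
function compare(total, chunk) {
  return {
    singleFloor: totalFee(total, total, feeFloor),
    splitFloor: totalFee(total, chunk, feeFloor),
    singleCeil: totalFee(total, total, feeCeil),
    splitCeil: totalFee(total, chunk, feeCeil),
  };
}

// Constructed sample: 19900 units minted at once vs. in 100 mints of 199.
console.log(compare(19900n, 199n));
```

With truncation the split mints pay nothing while the single mint pays a fee. With rounding up, splitting no longer reduces the total fee.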