Submission Details
Severity:
LiquidationPool::distributeAssets does priorities multiplication before dividing
Summary
The loss of precision happens when the logic divides first before multiplying. In such cases, the fractional numbers are truncated.
In distributeAssets() function, there are number of places where the mathematical precedence is not properly accounted for.
Vulnerability Details
refer to the below code snippet for reference where in number of places the precedence for multiplication is not set.
uint256 _portion = asset.amount * _positionStake / stakeTotal;
uint256 costInEuros = _portion * 10 ** (18 - asset.token.dec) * uint256(assetPriceUsd) / uint256(priceEurUsd)
* _hundredPC / _collateralRate;
if (costInEuros > _position.EUROs) {
_portion = _portion * _position.EUROs / costInEuros;
costInEuros = _position.EUROs;
}
Impact
The loss of precision leads to loss for user or protocol. The protocol should take precaution to prevent such fractional losses.
Tools Used
Manual Review
Recommendations
set precedence for multiplication using the braces.
uint256 _portion = (asset.amount * _positionStake) / stakeTotal;
uint256 costInEuros = ((_portion * 10 ** (18 - asset.token.dec) * uint256(assetPriceUsd))/ uint256(priceEurUsd)
* _hundredPC) / _collateralRate;
if (costInEuros > _position.EUROs) {
_portion =( _portion * _position.EUROs) / costInEuros;
costInEuros = _position.EUROs;
}
Prize pool breakdown
Total prize
20,000 USDC
nSLOC
60933 USDC / LOC
17,500 USDC
2,500 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.