Wrong calculation in maxMintable function as HUNDRED_PC() is used for multiplication instead of division
Summary
There is a wrong calculation in maxMintable function as HUNDRED_PC() is used for multiplication instead of division.
Vulnerability Details
The purpse of HUNDRED_PC is to prevent loss of fraction as it represents 100%. However, in calculatin the "euroCollateral" in the maxMintable function, HUNDRED_PC is used to multiply "euroCollateral" instead of "collateralRate".
function maxMintable() private view returns (uint256) {
return euroCollateral() * ISmartVaultManagerV3(manager).HUNDRED_PC() / ISmartVaultManagerV3(manager).collateralRate();
}
There are other places in the contract HUNDRED_PC was used correctly. For example:
uint256 fee = _amount * ISmartVaultManagerV3(manager).burnFeeRate() / ISmartVaultManagerV3(manager).HUNDRED_PC();
uint256 requiredCollateralValue = minted * _manager.collateralRate() / _manager.HUNDRED_PC();
uint256 swapFee = _amount * ISmartVaultManagerV3(manager).swapFeeRate() / ISmartVaultManagerV3(manager).HUNDRED_PC();
Impact
maxMintable is either reduced or increased (beyond protocol's intention) depending on the value of HUNDRED_PC and collateralRate. And precision will be lost.
Tools Used
Manual review
Recommendations
function maxMintable() private view returns (uint256) {
return euroCollateral() * ISmartVaultManagerV3(manager).collateralRate() / ISmartVaultManagerV3(manager).HUNDRED_PC();
}
Lead Judging Commences
informational/invalid
informational/invalid
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.