The Standard

DeFiHardhat

20,000 USDC

View results

Previous Next

Submission Details

Severity: low

Valid

User can skip paying fees for minting and burning EUROs, when amount is low enough

dimulski

Summary

When a user creates a vault, where he can add collateral and in return mint EURO tokens to himself, he is expected to pay a fee on every call to mint() and burn(). However if the amount is very small a user can skip paying the fees. Because of the following line in the mint() function:

uint256 fee = _amount * ISmartVaultManagerV3(manager).mintFeeRate() / ISmartVaultManagerV3(manager).HUNDRED_PC();

And this line in the burn() function:

uint256 fee = _amount * ISmartVaultManagerV3(manager).burnFeeRate() / ISmartVaultManagerV3(manager).HUNDRED_PC();

For example if the mintFeeRate() is 500 which should represent 0.5% according to the devs and we try to mint 199 EUROs we won't pay any fee to the LiquidationPoolManager() contract, which is the contract where the fees have to be sent to. When we put numbers in the formula we get the following 199 * 500 / 100000 which is 0.

Vulnerability Details

Gist

After following the steps in the above provided gist, add the following test to the AuditorTestst.t.sol :

function test_NoFeesMint() public {

vm.startPrank(bob);

vm.deal(bob, 10 ether);

(address vault, uint256 tokenId) = vaultManagerV5Instance.mint();

SmartVaultV3 vaultInstance = SmartVaultV3(payable(vault));

address(vault).call{value: 5 ether}("");

/// @dev 500 is the mintFeeRate and burnFeeRate as set per standart team test files

/// @notice fee should be transfered to the liquidationPoolManager contract

console2.log("EUROs balance of liquidationPoolManager before minting: ", EURO.balanceOf(address(liquidationPoolManager)));

vaultInstance.mint(bob, 199);

console2.log("Bob's euros balance: ", EURO.balanceOf(bob));

console2.log("EUROs balance of liquidationPoolManager before minting: ", EURO.balanceOf(address(liquidationPoolManager)));

vm.stopPrank();

}

Logs:

EUROs balance of liquidationPoolManager before minting: 0

Bob's euros balance: 199

EUROs balance of liquidationPoolManager before minting: 0

Impact

Protocol looses some small fees.

Tools Used

Manual Review & Foundry

Recommendations

Add a minimum amount that can be minted for example 1e18 EUROs

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

fee-loss

hrishibhat Lead Judge over 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

mint-precision

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

609

33 USDC / LOC

High Medium

17,500 USDC

Low

2,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.