The Standard

Description

The setPoolFeePercentage function is intended to update the poolFeePercentage state variable, which represents the fee percentage that the pool takes from the collected fees. The function does not validate that the input _poolFeePercentage is within the bounds of 0 to HUNDRED_PC (100,000 representing 100%). This allows the owner to set a fee percentage that could be absurdly high, potentially draining all the assets from the contract or causing overflow issues.

Proof of Concept (PoC)

• Deploy the LiquidationPoolManager contract.

• As the owner, call setPoolFeePercentage with a value greater than HUNDRED_PC (e.g., 200000 for 200%).

• The contract will accept this value without any error or revert.

• When distributeFees is called, the calculation _feesForPool = eurosToken.balanceOf(address(this)) * poolFeePercentage / HUNDRED_PC; will result in a fee that is more than the total balance, leading to unexpected behavior.

Code Snippet

function setPoolFeePercentage(uint32 _poolFeePercentage) external onlyOwner {
poolFeePercentage = _poolFeePercentage;
}

Impact

If the pool fee percentage is set above 100%, the contract could attempt to transfer more tokens than it holds when distributing fees, which would result in a revert and prevent the proper distribution of fees. This could halt important contract functionality and potentially lock funds.

Recommendation

Implement input validation to ensure that _poolFeePercentage is within the expected range. The following code snippet demonstrates how to add this validation:

function setPoolFeePercentage(uint32 _poolFeePercentage) external onlyOwner {
require(_poolFeePercentage <= HUNDRED_PC, "Fee percentage exceeds 100%");
poolFeePercentage = _poolFeePercentage;
}

By adding the require statement, the contract will revert if an invalid fee percentage is provided, ensuring that the fee system remains within logical bounds.