Incorrect Calculation in `mulWadUp` Function
Summary
The mulWadUp, designed to perform multiplication with rounding up, is found to have an incorrect logic in its implementation. This issue was detected using an extensive fuzz testing approach.
Vulnerability Details
The core problem lies in the line if iszero(sub(div(add(z, x), y), 1)) { x := add(x, 1) } within the mulWadUp function. This line of code is illogical in the context of the function and does not contribute to the expected outcome of the multiplication operation with rounding up. Instead, it introduces a flaw in the calculation, leading to incorrect results.
To proove this just run the fuzzer with some extra runs:
Poc
Impact
The incorrect implementation of mulWadUp can lead to miscalculations in any contract that relies on this function for its arithmetic operations. This could potentially result in financial inaccuracies, mismanagement of balances, and could affect any protocols that utilize this library for their fixed-point arithmetic operations, especially in financial calculations.
Tools Used
Foundry's Forge for fuzz testing (forge test --fuzz-runs=9999 -vvv)
Manual comparission agains similar librarires
Recommendations
Remove this line MathMasters.sol#L56
Lead Judging Commences
`mulWadUp` has an unnecessary line that makes the result wrong for some inputs
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.