`UnripeFacet.sol::getPercentPenalty` use incorrect calculation for C.UNRIPE_BEAN
Summary
The function uses LibUnripe.getPenalizedUnderlying to calculate the penalty percentage for C.UNRIPE_BEAN. This is likely incorrect as getPenalizedUnderlying is designed to return the amount of ripe tokens from a given amount of unripe tokens, considering penalties, not the penalty percentage itself.
Vulnerability Details
` * @notice Returns the % penalty of Chopping an Unripe Token into its Ripe Token.
* @param unripeToken The address of the Unripe Token.
* @return penalty The penalty % of Chopping derived from %Recapitalized^2.
* @dev `address` parameter retained for backwards compatiability.
*/
function getPercentPenalty(address unripeToken) external view returns (uint256 penalty) {
if (unripeToken == C.UNRIPE_BEAN) {
return LibUnripe.getPenalizedUnderlying(
unripeToken,
LibUnripe.DECIMALS,
IERC20(unripeToken).totalSupply()
);
}
if (unripeToken == C.UNRIPE_LP) {
return LibUnripe.getTotalRecapitalizedPercent()
.mul(LibUnripe.getTotalRecapitalizedPercent())
.div(LibUnripe.DECIMALS);
}
}
`
Impact
This function call is intended to calculate the amount of ripe tokens that can be obtained from a given amount of unripe tokens, considering penalties. However, it is used here to derive a penalty percentage, which seems incorrect. The error in the getPercentPenalty function could lead to incorrect penalty calculations for C.UNRIPE_BEAN due to the misuse of a function intended for a different purpose.
Tools Used
Manual Review
Recommendations
+ function getPercentPenalty(address unripeToken) external view returns (uint256 penalty) {
uint256 recapPercent = getRecapFundedPercent(unripeToken);
return recapPercent.mul(recapPercent).div(LibUnripe.DECIMALS);
}
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.