```LibUnripe::getTotalRecapitalizedPercent``` returns wrong ```recapitalizedPercent``` if ```totalUsdNeeded``` is 0
Summary
The LibUnripe::getTotalRecapitalizedPercent is designed to returns the total percentage that beanstalk has recapitalized (recapitalizedPercent). This calculation is based on the ratio of the amount recapitalized (s.recapitalized) to the total dollar amount needed to recapitalize Beanstalk (totalUsdNeeded). The function contains a conditional statement for handling the scenario where if totalUsdNeeded is equal to 0 returns 0.
In the case of totalUsdNeeded is equal to 0, meaning the recapitalization is completed, the recapitalizedPercent should be 100% but the function returns 0.
As indicated in the natspec comment "@dev this is calculated by the ratio of s.recapitalized and the total dollars the barnraise needs to raise returns the same precision as getRecapPaidPercentAmount (100% recapitalized = 1e6)". So the if statement in the function should return 1e6 (100% recapitalized).
Vulnerability Details
Impact
The LibUnripe::getTotalRecapitalizedPercent is designed to returns the total percentage that beanstalk has recapitalized (recapitalizedPercent). In the case of the total dollar amount needed to recapitalize Beanstalk is 0 (totalUsdNeeded==0), the recapitalizedPercent should be 100% (all recapitalized) and not 0 as returned by the if statement into the function. This function is called in several get functions (UnripeFacet::getLockedBeansUnderlyingUnripeBean, UnripeFacet::getPercentPenalty, etc), returning a wrong result in the case of totalUsdNeeded==0).
Tools Used
Manual review
Recommendations
Lead Judging Commences
Recapitalized percent
Recapitalized percent
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.