Precision loss in `killRavana` function
Summary
The Dussehra::killRavana function has an issue with precision loss when calculating totalAmountGivenToRam, leading to funds being stuck in the contract.
Vulnerability Details
The killRavana function has an issue with integer division in Solidity, which rounds down the result and causes precision loss. Since we don't know how much entranceFee is going to be, a scenario were entranceFee is 1 wei and WantToBeLikeRam.length is 51, then totalAmountByThePeople is 51 wei. The calculation (51 * 50) / 100 results in 25.5 wei, but due to Solidity's integer division, this is rounded down to 25 wei. This rounding down leads to 0.5 wei being stuck in the contract. In general, any result that is not a whole number will lead to funds being stuck in the contract, with no way to retrieve them.
Impact
Incorrect calculation of totalAmountGivenToRam, and funds being stuck in the contract since there is no way to retrieve them.
Tools Used
Manual Review
Recommendations
Implement a mechanism to handle the precision loss and ensure all funds are properly distributed.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.