Fjord Token Staking
Fjord
DeFiFoundry
20,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Discrepancy between FjordPoints decimal and AuctionToken decimal can cause incorrect calculation of multiplier in auctionEnd

0xleadwizard

Vulnerability Details

When an auction ends, a multiplier is calculated

// multiplier = (totalTokens*1e18)/totalBids
multiplier = totalTokens.mul(PRECISION_18).div(totalBids);

When claiming the multiplier is multiplied by bids[msg.sender] to get the tokens the user can claim.

function claimTokens() external {
if (!ended) {
revert AuctionNotYetEnded();
}
uint256 userBids = bids[msg.sender];
if (userBids == 0) {
revert NoTokensToClaim();
}
>> uint256 claimable = userBids.mul(multiplier).div(PRECISION_18);
bids[msg.sender] = 0;
auctionToken.transfer(msg.sender, claimable);
emit TokensClaimed(msg.sender, claimable);
}

The issue here is, that totalTokens is in auction token decimal and the totalBids is in FjordPoints token decimal which is 18.

Let's say,

  • totalBids = Z * 1e18

  • totalTokens = Y * 1eX

where,

  • X = auction token decimal

  • Z = total bids placed

  • Y = total tokens to be auctioned

which gives us this equation for the multiplier,

multiplier = YeX * 1e18 / Ze18

Now if Z > YeX this will make multiplier = 0

with tokens that have low decimals and are popular in auctions, the Z > YeX can be true hence making the auction nonfunctional and auction tokens stuck

Impact

Loss of auction token as nobody will be able to claim once the multiplier is zero.

Recommendations

Adjust totalTokens to 18 decimal if its decimal is lower than 18

Updates

Lead Judging Commences

inallhonesty Lead Judge
about 1 year ago
inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

Low decimal tokens or super small bids can lead to 0 claims

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.