Description

The constant KittyPool::REWARD_PERCENT contains a decimal value of 0.05e18. The value 0.05e18 is intended to represent 5%, or 0.05, with 18 decimal places of precision. However 0.05e18 is not valid in Solidity because Solidity does not support decimals or floating-point literals directly. When writing 0.05, it will be interpreted as zero, as Solidity only works with integers.

Impact

In Solidity, calculations are performed using integer arithmetic. Hence, when using 0.05e18, the compiler interprets 0.05 as 0, and 0.05e18 as 0, leading to incorrect extra reward calculations in KittyPool::purrgeBadPawsition. Users who expect to receive an extra reward for liquidating the bad debt position of other users will not receive this extra reward, resulting in financial losses.

Tools Used

Manual review, vscode

Recommended Mitigation

To calculate 5% using a scaling factor of 1e18, we should multiply 0.05 by 1e18: 0.05 × 1e18 = 5e16
Consider making the following change to the KittyPool::REWARD_PERCENT constant variable: