Incorrect Tax validation
Summary
Wrong validation of the eachTradeTax parameter. While the impact is low, it could lead to confusion or unintended behavior if not addressed.
Vulnerability Details
The current implementation inside PreMarkets.sol, checks whether the eachTradeTax is greater than the maximum allowable value defined by Constants.EACH_TRADE_TAX_DECIMAL_SCALER.
However, the validation logic should ensure that the eachTradeTax is less than or equal to the maximum, as specified by the @dev comment.
This check currently prevents values greater than the maximum but does not allow values equal to it, which could be a valid scenario. The contract should instead permit eachTradeTax values up to and including the maximum defined by the constant.
Impact
Users may experience unnecessary transaction failures when setting eachTradeTax to the maximum allowable value, resulting in a poor user experience. Additionally, the current logic doesn't match the intended behavior outlined in the documentation, potentially causing confusion for developers.
Tools Used
Imagination
Recommendations
To align the contract's behavior with the documented intent, the validation should be updated to allow eachTradeTax values that are less than or equal to the maximum:
Lead Judging Commences
finding-PreMarkets-off-by-one-Trade-TAX-100%
Similar to issue #1323, Despite this off-by-one error of the intended check, the difference between 99% and 100% is minimal, so I believe whether or not 100% is allowed has minimal impact. Ultimately, takers should not be realistically creating offer with such tradeTax
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.