Tadle
Tadle
DeFiFoundry
27,750 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Incorrect Platform Fee Assignment in `PreMarkets::createOffer` Function

n3smaro

Summary

In the createOffer function of the PreMarkets contract, the platformFee attribut of the new MakerInfo is incorrectly set to 0 instead of the user's actual platform fee rate in the SystemConfig contract.

Vulnerability Details

The createOffer function updates the makerInfoMap with the platformFee set to 0:

makerInfoMap[makerAddr] = MakerInfo({
offerSettleType: params.offerSettleType,
authority: _msgSender(),
marketPlace: params.marketPlace,
tokenAddress: params.tokenAddress,
originOffer: offerAddr,
platformFee: 0,
eachTradeTax: params.eachTradeTax
});

The correct platform fee rate for the user should be fetched from the SystemConfig contract using the getPlatformFeeRate function.

Impact

Setting the platformFee to 0 instead of the actual user-defined platform fee rate can lead to incorrect fee calculations. This discrepancy can result in financial inaccuracies, potentially causing revenue loss or mismanagement of platform fees.

Tools Used

Manual Code Review

Recommendations

  1. Fetching the User's Platform Fee Rate: Use the getPlatformFeeRate function to obtain the current platform fee rate for the user. This ensures that the fee is set according to the most recent configuration.

  2. Storing the Correct Fee Value: Update the platformFee field in the MakerInfo struct with this fetched value, rather than setting it to 0. This would ensure that the fee information is correctly stored and utilized.

Updates

Lead Judging Commences

0xnevi Lead Judge
about 1 year ago
0xnevi Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.