Tadle

Vulnerability Details

The contract uses floor rounding in multiple division operations, which can lead to precision loss. This is particularly evident in functions like closeBidTaker where calculations involving token amounts are performed.

Impact

Over time and multiple transactions, the cumulative effect of always rounding down could result in a non-trivial amount of value being lost. This affects the accuracy of token distributions and could lead to discrepancies between expected and actual balances.

Proof of Concept

Consider the following scenario in the closeBidTaker function:

Link to code

In this case, the user should receive 999,000 tokens. However, if this calculation is performed 1000 times with similar ratios, the cumulative loss would be:

1000 * (1000000 - 999000) = 1,000,000 tokens

This demonstrates how small rounding errors can accumulate to significant amounts over multiple transactions.

This calculation uses integer division with floor rounding. If userRemainingPoints is significantly smaller than offerInfo.usedPoints, it could lead to rounding down to zero, even when a non-zero fee should be applied.

For example, if collateralFee is 100, userRemainingPoints is 1, and offerInfo.usedPoints is 1000, the result would be:

100 * 1 / 1000 = 0 (rounded down)

When in reality, it should be 0.1, which would round to 1 in integer arithmetic.

Tools Used

Manual Review

Recommendations

• Consider using a higher precision for calculations. Multiply by a large factor before division and then scale back down:

• Implement a minimum fee threshold to ensure that very small fees are not rounded down to zero: