Tadle

Summary

The audit has identified inconsistencies in the conditional storage checks within the SystemConfig.sol contract. Specifically, the same storage variable baseReferralRate is checked multiple times, but the conditionals are inconsistent. This could lead to off-by-one errors or logical inconsistencies, potentially causing unintended behaviors in the contract's functioning.

Vulnerability Details

Inconsistent Conditional Check

• Location: src/core/SystemConfig.sol, Line 54
  Code:

• Issue: This conditional checks if _referrerRate is less than baseReferralRate and reverts if true. However, there is no context provided for the rationale behind why being less than baseReferralRate should be considered invalid, potentially leading to confusion about this rule.

Inconsistent Conditional Check for Total Rate

• Location: src/core/SystemConfig.sol, Line 203

• Code:

• Issue: This conditional adds _extraRate to baseReferralRate and checks if the sum exceeds the REFERRAL_RATE_DECIMAL_SCALER constant, and if so, it reverts. The inconsistency in how baseReferralRate is handled and checked across different functions can lead to confusion about its allowed ranges and dependencies.

Impact

The identified inconsistencies in conditional checks can cause:

• Logical errors in contract behavior, leading to potential misconfigurations or unintended rejections.

• Increased difficulty in reasoning about contract logic and ensuring correctness, potentially opening up the contract to further inadvertent vulnerabilities.

• Risk of off-by-one errors or other boundary-related issues that may create edge cases, leading to unexpected contract behavior.

Tools Used

Manual Code Review

Recommendations

To mitigate the identified issue, the conditions used to check storage values should be standardized and consistently applied across the contract. This will prevent off-by-one errors and maintain uniform logic.