Tadle

DeFi
30,000 USDC
Submission Details
Severity: high
Invalid

Protocol does not consider token with different decimals

Summary

The protocol (based on PreMarkets.t.sol and the constants) assumes that every ERC20 token has 18 decimals. One clear example is the Constants file, where several values are defined, such as the platform fee, trade tax and collateral rate, all of them assuming a token with 18 decimals:

https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/libraries/Constants.sol#L9-L27

```solidity
library Constants {
    /// @dev Platform fee decimal scaler
    uint256 internal constant PLATFORM_FEE_DECIMAL_SCALER = 1_000_000;
    /// @dev Each trade tax decimal scaler
    uint256 internal constant EACH_TRADE_TAX_DECIMAL_SCALER = 10_000;
    /// @dev Collateral rate decimal scaler
    uint256 internal constant COLLATERAL_RATE_DECIMAL_SCALER = 10_000;
    /// @dev Each trade tax maxinum
    uint256 internal constant EACH_TRADE_TAX_MAXINUM = 2000;
    /// @dev Referral rate decimal scaler
    uint256 internal constant REFERRAL_RATE_DECIMAL_SCALER = 1_000_000;
    /// @dev Referral base rate
    uint256 internal constant REFERRAL_BASE_RATE = 300_000;
}
```

Those values are used across the protocol to calculate fees, revenue, points, etc. For example, PreMarkets.sol uses them extensively:

https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L219

https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L223

https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L263

https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L922

https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L929

```solidity
...
        uint256 platformFee = depositAmount.mulDiv(
            platformFeeRate,
@>          Constants.PLATFORM_FEE_DECIMAL_SCALER
        );
        uint256 tradeTax = depositAmount.mulDiv(
            makerInfo.eachTradeTax,
@>          Constants.EACH_TRADE_TAX_DECIMAL_SCALER
        );
...
@>      makerInfo.platformFee = makerInfo.platformFee + remainingPlatformFee;
...
```

etc.

As the protocol will accept different ERC20 tokens and its tests already use USDC, it is necessary to implement a solution that accounts for the difference in decimals between ERC20 tokens.

Impact

  • Miscalculation of prices

  • Loss of funds

  • Underpayment/Overpayment of fees

  • Bad debt for the protocol once the user exploits the miscalculation with tokens > 18 decimals.

Tools Used

Manual Review

Recommendations

A safe and effective solution is to use a **fixed-point math library** like https://github.com/PaulRBerg/prb-math.

All tokens can be safely brought to 18 decimals.

Reference case: https://github.com/sablier-labs/v2-core
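
The recommendation above, sketched as an added example (not code from Tadle, prb-math or Sablier): a hand-rolled library that scales a raw token amount to 18 decimals and back, then applies the `PLATFORM_FEE_DECIMAL_SCALER` value shown earlier. The names `DecimalNormalizer`, `toWad`, `fromWad`, `platformFeeInToken` and `PrecisionLoss` are hypothetical, and reverting on lossy down-scaling is an assumed policy.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example with hypothetical names; not Tadle or prb-math code.
library DecimalNormalizer {
    uint8 internal constant WAD_DECIMALS = 18;
    // Same value as Constants.PLATFORM_FEE_DECIMAL_SCALER quoted on this page.
    uint256 internal constant PLATFORM_FEE_DECIMAL_SCALER = 1_000_000;

    error PrecisionLoss(uint256 amount, uint8 decimals);

    /// @dev Scale a raw token amount to 18 decimals.
    function toWad(uint256 amount, uint8 decimals) internal pure returns (uint256) {
        if (decimals == WAD_DECIMALS) return amount;
        if (decimals < WAD_DECIMALS) {
            // Checked arithmetic (0.8+) reverts if the scaled value overflows.
            return amount * 10 ** (WAD_DECIMALS - decimals);
        }
        // Tokens with more than 18 decimals: scaling down can drop digits.
        // Assumed policy: revert instead of silently truncating.
        uint256 factor = 10 ** (decimals - WAD_DECIMALS);
        if (amount % factor != 0) revert PrecisionLoss(amount, decimals);
        return amount / factor;
    }

    /// @dev Convert an 18-decimal value back to the token's own units.
    function fromWad(uint256 wad, uint8 decimals) internal pure returns (uint256) {
        if (decimals == WAD_DECIMALS) return wad;
        if (decimals < WAD_DECIMALS) {
            // Rounds down: sub-unit dust stays with the payer, not the fee.
            return wad / 10 ** (WAD_DECIMALS - decimals);
        }
        return wad * 10 ** (decimals - WAD_DECIMALS);
    }

    /// @dev Platform fee computed on the normalized amount, returned in token units.
    ///      Uses plain checked multiplication; a mulDiv helper avoids the
    ///      intermediate overflow for very large amounts.
    function platformFeeInToken(
        uint256 depositAmount,
        uint8 decimals,
        uint256 platformFeeRate
    ) internal pure returns (uint256) {
        uint256 feeWad = toWad(depositAmount, decimals) * platformFeeRate
            / PLATFORM_FEE_DECIMAL_SCALER;
        return fromWad(feeWad, decimals);
    }
}
```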

Updates

Lead Judging Commences

0xnevi Lead Judge
10 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
