Tadle

DeFiFoundry
27,750 USDC
Submission Details
Severity: low
Valid

collateralRate error

Summary

The if code checks whether the rate is the rate that the protocol expects. But as we can see, it does not check whether the collateralRate is 100%.

Vulnerability Details

// source: ./src/core/PreMarkets.sol::createOffer(CreateOfferParams calldata params)
if (params.collateralRate < Constants.COLLATERAL_RATE_DECIMAL_SCALER) {
    // the rate must be more than 100%, but the if checker does not revert if the rate is 100%.
    revert InvalidCollateralRate();
}

Impact

The 100% collateral rate is not what the contract intended, and it can also lead to a loss in the monetary value of the collateral due to price changes of the collateral.

Tools Used

VS Code, Foundry

Recommendations

Short term: set the phrase to

params.collateralRate < Constants.COLLATERAL_RATE_DECIMAL_SCALER

in the if checker.

Long term: adjust the collateral rate in order to prevent loss of value.

Updates

Lead Judging Commences

0xnevi Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-PreMarkets-off-by-one-Collateral-Rate-100%

I believe this is borderline informational/low. Despite this off-by-one error of the intended check, the difference between 100% and 101% is minimal, so I believe whether or not 100% is allowed has minimal impact. Ultimately, it still comes down to the risk level that users are willing to take.

finding-PreMarkets-off-by-one-Trade-TAX-100%

Similar to issue #1323, despite this off-by-one error of the intended check, the difference between 99% and 100% is minimal, so I believe whether or not 100% is allowed has minimal impact. Ultimately, takers should not realistically be creating offers with such tradeTax.
