Tadle (DeFiFoundry) - 27,750 USDC

Submission Details
Severity: low
Invalid

`_platformFeeRate` in `SystemConfig::updateUserPlatformFeeRate` can be set by the `owner` to 100%, preventing the user from trading

Summary

`SystemConfig::updateUserPlatformFeeRate` allows the contract owner to set the platform fee rate for a specific user. The function checks that the fee rate does not exceed `Constants.PLATFORM_FEE_DECIMAL_SCALER`, which represents 100%. However, that check still admits exactly 100% (`_platformFeeRate == Constants.PLATFORM_FEE_DECIMAL_SCALER`), in which case the user pays their entire amount as fees and nothing is left for the actual trade.

Vulnerability Details

```solidity
function updateUserPlatformFeeRate(
    address _accountAddress,
    uint256 _platformFeeRate
) external onlyOwner {
    require(
        _platformFeeRate <= Constants.PLATFORM_FEE_DECIMAL_SCALER, // @> upper bound allows 100%
        "Invalid platform fee rate"
    );
    userPlatformFeeRate[_accountAddress] = _platformFeeRate;
    emit UpdateUserPlatformFeeRate(_accountAddress, _platformFeeRate);
}
```

Impact

Setting a 100% fee rate harms the affected user: every trade they attempt is consumed entirely by fees, so they are unable to trade on the platform and effectively lose all their funds to fees.

Tools Used

Manual review

Recommendations

Implement a more reasonable upper limit for the platform fee rate (such as 10% or 20%) to prevent excessive fees.
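The following contract is an added illustration of the recommendation; it is not Tadle's code. It places the original `<= PLATFORM_FEE_DECIMAL_SCALER` bound beside a tighter `MAX_USER_PLATFORM_FEE_RATE` cap and exposes a pure helper that shows why the original bound is too loose. The scaler value of 10_000 (100%) and the 20% cap are assumptions chosen to match the report's suggested range; the real project's constants may differ.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumed values for illustration only (not Tadle's Constants library).
library FeeConstants {
    uint256 internal constant PLATFORM_FEE_DECIMAL_SCALER = 10_000; // 100%
    uint256 internal constant MAX_USER_PLATFORM_FEE_RATE = 2_000;   // 20% cap (assumed)
}

contract BoundedPlatformFee {
    address public owner;
    mapping(address => uint256) public userPlatformFeeRate;

    event UpdateUserPlatformFeeRate(address indexed account, uint256 rate);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    // Original bound (rate <= SCALER) admits 100%; the hardened bound below
    // rejects any rate above the cap, so one owner call cannot set a fee that
    // swallows a user's whole trade.
    function updateUserPlatformFeeRate(
        address _accountAddress,
        uint256 _platformFeeRate
    ) external onlyOwner {
        require(
            _platformFeeRate <= FeeConstants.MAX_USER_PLATFORM_FEE_RATE,
            "Invalid platform fee rate"
        );
        userPlatformFeeRate[_accountAddress] = _platformFeeRate;
        emit UpdateUserPlatformFeeRate(_accountAddress, _platformFeeRate);
    }

    // Fee and remaining amount for a trade at a given rate. With
    // rate == PLATFORM_FEE_DECIMAL_SCALER the net amount is 0, which is the
    // condition the finding describes; at the 20% cap the user keeps 80%.
    function netAfterPlatformFee(uint256 amount, uint256 rate)
        public
        pure
        returns (uint256 fee, uint256 net)
    {
        fee = (amount * rate) / FeeConstants.PLATFORM_FEE_DECIMAL_SCALER;
        net = amount - fee;
    }
}
```

Calling `netAfterPlatformFee(1_000, 10_000)` returns `(1_000, 0)`, while `netAfterPlatformFee(1_000, 2_000)` returns `(200, 800)`; the hardened setter makes the first configuration unreachable through `updateUserPlatformFeeRate`.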

Updates

Lead Judging Commences

0xnevi Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[invalid] finding-Admin-Errors-Malicious

The following issues and their duplicates are invalid, as admin errors/input validation/malicious intents are generally considered invalid based on [codehawks guidelines](https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity#findings-that-may-be-invalid). If they deploy/set inputs of the contracts appropriately, there will be no issue. Additionally, admins are trusted as noted in the README; they can break certain assumptions of the code based on their actions, and
