Submission Details
Severity:
100% platform fee can prevent buyers from receiving `BuyerAgent::royaltyFee`
Summary
Platform fee (charged by platform) is a percentage of the royalty fee (charged by buyer). 100% is a legal value
and this may be problematic because the buyer won't receive and royalty fee in that case.
Description
The following function in SwanManager.sol allows for setting a value of 100 .
function setMarketParameters(SwanMarketParameters memory _marketParameters) external onlyOwner {
require(_marketParameters.platformFee <= 100, "Platform fee cannot exceed 100%");
_marketParameters.timestamp = block.timestamp;
marketParameters.push(_marketParameters);
}
In the following funciton in Swan.sol, we can see driaFee will be equal to buyerFee making the buyer's portion 0
/// @notice Function to transfer the royalties to the seller & Dria.
function transferRoyalties(AssetListing storage asset) internal {
// calculate fees
uint256 buyerFee = (asset.price * asset.royaltyFee) / 100;
uint256 driaFee = (buyerFee * getCurrentMarketParameters().platformFee) / 100; <@ FOUND
// first, Swan receives the entire fee from seller
// this allows only one approval from the seller's side
token.transferFrom(asset.seller, address(this), buyerFee);
// send the buyer's portion to them
token.transfer(asset.buyer, buyerFee - driaFee);
// then it sends the remaining to Swan owner
token.transfer(owner(), driaFee);
}
Impact
Buyer won't receive and royalty fee.
Tools Used
Manual Analysis
Recommended Mitigations
One way I can think of is to allow for a stricter range. Example - Instead of 1-100 it could be like 1-10 or something.
Updates
Prize pool breakdown
Total prize
21,000 USDC
nSLOC
1,03420 USDC / LOC
20,000 USDC
1,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.