Submission Details
Severity:
Platform will pay to generator and validator more than protocol should
Summary
generationFee, validationFee will be doubled with a minimum difficulty which doesn't seems to be logical.
Vulnerability Details
Whenever there is a comptutation for how much protocol should pay generator and validator there is a call to this function
function getFee(LLMOracleTaskParameters calldata parameters)
public
view
returns (uint256 totalFee, uint256 generatorFee, uint256 validatorFee)
{
uint256 diff = (2 << uint256(parameters.difficulty));
generatorFee = diff * generationFee;
validatorFee = diff * validationFee;
totalFee =
platformFee + (parameters.numGenerations * (generatorFee + (parameters.numValidations * validatorFee)));
}
E.x. min difficulty is 0; 2 << 0 = 2 which means that generatorFee and validatorFee will be doubled and never be there initial values even with minimal diffdifficulty
Impact
Protocol will always overpay generators and validators
Tools Used
Recommendations
This seems like more logical
1 << 0 = 1
1 << 1 = 2
1 << 2 = 4
function getFee(LLMOracleTaskParameters calldata parameters)
public
view
returns (uint256 totalFee, uint256 generatorFee, uint256 validatorFee)
{
- uint256 diff = (2 << uint256(parameters.difficulty));
+ uint256 diff = (1 << uint256(parameters.difficulty));
generatorFee = diff * generationFee;
validatorFee = diff * validationFee;
totalFee =
platformFee + (parameters.numGenerations * (generatorFee + (parameters.numValidations * validatorFee)));
}
Prize pool breakdown
Total prize
21,000 USDC
nSLOC
1,03420 USDC / LOC
20,000 USDC
1,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.