Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: low
Valid

Precision loss when calculating `driaFee` in `Swan::transferRoyalties`

Summary

In `Swan::transferRoyalties`, the [`driaFee`](https://github.com/Cyfrin/2024-10-swan-dria/blob/c8686b199daadcef3161980022e12b66a5304f8e/contracts/swan/Swan.sol#L261) calculation contains a hidden division before multiplication, which rounds down Dria's fees.

Vulnerability Details

Whenever `transferRoyalties` is called, `driaFee` and `buyerFee` are calculated, but `driaFee` is rounded down during the calculation, which results in some loss of value. This is how it comes about.

Look at the function below and the indicated lines:

```solidity
function transferRoyalties(AssetListing storage asset) internal {
    // calculate fees
    uint256 buyerFee = (asset.price * asset.royaltyFee) / 100; // <-- division happens here
    uint256 driaFee = (buyerFee * getCurrentMarketParameters().platformFee) / 100; // <-- truncated buyerFee is multiplied again
    ...
}
```

`buyerFee` is used to calculate `driaFee`, so the division hidden in the `buyerFee` calculation rounds down `driaFee`.

For example:

asset.price = 20e18

asset.royaltyFee = 28

platformFee = 5

buyerFee = 54434 * 23 / 100 = 12519

driaFee = 12519 * 47 / 100 = 5883

Implementing multiplication before division:

driaFee = (54434 * 23 * 47 )/100/100 = 5884.

Impact

Precision loss in `driaFee`. These small losses add up as the protocol is used.

Tools Used

manual review

Recommendations

Multiply before dividing, and always round up against the user.
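
The arithmetic above, as an added example that is not part of the original submission or the Swan code base: a Python model of the fee math (`//` floors like Solidity's `uint256` division for non-negative values) comparing the two-step calculation with multiply-before-divide and a round-up variant. The function names are hypothetical; the inputs are the figures used in the worked example.

```python
# Added example: integer model of the fee arithmetic in Swan::transferRoyalties.
# Function names are hypothetical; Python's // matches Solidity's truncating
# uint256 division because every operand here is non-negative.

def dria_fee_two_step(price, royalty_fee, platform_fee):
    """Form shown in the finding: divide for buyerFee, then multiply again."""
    buyer_fee = (price * royalty_fee) // 100      # first truncation
    return (buyer_fee * platform_fee) // 100      # second truncation

def dria_fee_single_division(price, royalty_fee, platform_fee):
    """Multiply first, divide once (still rounds down)."""
    return (price * royalty_fee * platform_fee) // 10_000

def dria_fee_round_up(price, royalty_fee, platform_fee):
    """Multiply first, divide once, round up (ceiling division)."""
    return -(-(price * royalty_fee * platform_fee) // 10_000)

def shortfalls(prices, royalty_fee, platform_fee):
    """Per-call gap between single-division and two-step results."""
    return [
        dria_fee_single_division(p, royalty_fee, platform_fee)
        - dria_fee_two_step(p, royalty_fee, platform_fee)
        for p in prices
    ]

if __name__ == "__main__":
    price, royalty, platform = 54434, 23, 47      # figures from the worked example
    print("two-step       :", dria_fee_two_step(price, royalty, platform))
    print("single division:", dria_fee_single_division(price, royalty, platform))
    print("round up       :", dria_fee_round_up(price, royalty, platform))

    # Constructed sweep of neighbouring prices to see how often a unit is lost
    # and how the loss adds up across calls.
    gaps = shortfalls(range(54400, 54500), royalty, platform)
    print("calls losing a unit:", sum(1 for g in gaps if g), "of", len(gaps))
    print("largest single gap :", max(gaps))
    print("total shortfall    :", sum(gaps))
```
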

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Rounding Issue in `Swan.sol::transferRoyalties` function
