Incorrect Fee Calculation in `UpliftOnlyExample.sol`
Title
Incorrect Fee Calculation in UpliftOnlyExample.sol
Summary
The onAfterRemoveLiquidity hook in UpliftOnlyExample.sol is responsible for calculating fees, including the uplift fee and admin charges. However, the getQuantAMMUpliftFeeTake() function in this updateWeightRunner.sol incorrectly returns the value of quantAMMSwapFeeTake instead of quantAMMUpliftFeeTake. This results in incorrect fee calculations.
Vulnerability Details
In the
onAfterRemoveLiquidityhook, fees such asupliftFeeare calculated usinggetQuantAMMUpliftFeeTake().In the
updateWeightRunner,getQuantAMMUpliftFeeTake()wrongly fetches the value ofquantAMMSwapFeeTakeinstead ofquantAMMUpliftFeeTake.This bug leads to incorrect fee deductions for liquidity removal operations, impacting both users and the protocol.
Impact
Incorrect Fee Calculation
Tools Used
Manual Review
Recommendations
Fix Function Logic:
Update the
setQuantAMMUpliftFeeTake()andgetQuantAMMUpliftFeeTake()functions to correctly set and retrieve the value ofquantAMMUpliftFeeTake.
Lead Judging Commences
finding_quantAMMSwapFeeTake==quantAMMUplfitFeeTake
Likelyhood: High, calling setters or getters Impact: Low/Medium, both getters return `quantAMMSwapFeeTake` and `setQuantAMMUpliftFeeTake` modify `quantAMMUplfitFeeTake`. Real impact: those 2 values will be always the same.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.