Vulnerability Details
The function setQuantAMMUpliftFeeTake() is an admin-only setter that is meant to set or update the quantAMM uplift fee %, the amount allocated to the protocol for running costs. However, if we look at the function body, it reads and updates quantAMMSwapFeeTake, which is the % of the total swap fee that is allocated to the protocol for running costs, instead.
/// @notice Updates the share of the swap fee stored in quantAMMSwapFeeTake.
/// @dev Callable only by quantammAdmin. The bound is inclusive: a value of exactly 1e18 passes the check.
/// @param _quantAMMSwapFeeTake New swap fee take; the call reverts if it is above 1e18.
function setQuantAMMSwapFeeTake(uint256 _quantAMMSwapFeeTake) external override {
    require(msg.sender == quantammAdmin, "ONLYADMIN");
    require(_quantAMMSwapFeeTake <= 1e18, "Swap fee must be less than 100%");

    // Log the transition while storage still holds the previous value, then store the new one.
    emit SwapFeeTakeSet(quantAMMSwapFeeTake, _quantAMMSwapFeeTake);
    quantAMMSwapFeeTake = _quantAMMSwapFeeTake;
}
/// @notice Reads the stored swap fee take.
/// @return The current value of quantAMMSwapFeeTake.
function getQuantAMMSwapFeeTake() external view override returns (uint256) {
    uint256 currentTake = quantAMMSwapFeeTake;
    return currentTake;
}
/// @notice Admin-only setter named for the uplift fee take.
/// @dev NOTE(review): the body reads and writes quantAMMSwapFeeTake, so a call changes the swap fee take rather than an uplift value.
/// @dev NOTE(review): unlike setQuantAMMSwapFeeTake, this function carries no `override`; whether an interface declares it is not visible here, so confirm.
/// @param _quantAMMUpliftFeeTake New value; the call reverts if it is above 1e18.
function setQuantAMMUpliftFeeTake(uint256 _quantAMMUpliftFeeTake) external {
// Reverts with "ONLYADMIN" unless the caller is quantammAdmin.
require(msg.sender == quantammAdmin, "ONLYADMIN");
// Inclusive upper bound: a value of exactly 1e18 is accepted.
require(_quantAMMUpliftFeeTake <= 1e18, "Uplift fee must be less than 100%");
// Defect: captures the current swap fee take as the "old" value.
uint256 oldSwapFee = quantAMMSwapFeeTake;
// Defect: overwrites the swap fee take with the uplift argument.
quantAMMSwapFeeTake = _quantAMMUpliftFeeTake;
// The event is named for the uplift fee, but its first argument is the previous swap fee take.
emit UpliftFeeTakeSet(oldSwapFee, _quantAMMUpliftFeeTake);
}
Impact
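Admin won't be able to set or update the quantAMMIpliftFeeTake using the setQuantAMMUpliftFeeTake() function. Each call instead overwrites quantAMMSwapFeeTake with the value intended for the uplift fee, and emits UpliftFeeTakeSet carrying the previous swap fee take as its "old" value, so the swap fee take changes unintentionally and the event log does not reflect what was actually modified.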
Tools Used
Manual Review
Recommendations
We recommend the following changes:
function setQuantAMMUpliftFeeTake(uint256 _quantAMMUpliftFeeTake) external {
require(msg.sender == quantammAdmin, "ONLYADMIN");
require(_quantAMMUpliftFeeTake <= 1e18, "Uplift fee must be less than 100%");
- uint256 oldSwapFee = quantAMMSwapFeeTake;
+ uint256 oldUpliftFee = quantAMMIpliftFeeTake;
- quantAMMSwapFeeTake = _quantAMMUpliftFeeTake;
+ quantAMMIpliftFeeTake = _quantAMMUpliftFeeTake;
- emit UpliftFeeTakeSet(oldSwapFee, _quantAMMUpliftFeeTake);
+ emit UpliftFeeTakeSet(oldUpliftFee, _quantAMMUpliftFeeTake);
}
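Review bot: The identifier `quantAMMIpliftFeeTake` on the two added lines looks like a misspelling of the uplift-fee state variable, and no declaration of it is visible on this page, so the patch will only compile if a variable with exactly that spelling exists. Check the name against the contract's storage declarations, and declare a dedicated uplift variable if none exists yet. The fix is also worth pinning with a regression test asserting that after `setQuantAMMUpliftFeeTake(x)` the value returned by `getQuantAMMSwapFeeTake()` is unchanged and `UpliftFeeTakeSet` carries the previous uplift value. Separately, both `require` checks use `<= 1e18` while their messages say "less than 100%", so either the bound or the message should be aligned.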