Pieces Protocol

Summary

The fee and seller fee are calculated using simple integer division, which truncates any remainder. Specifically, the following lines are problematic:

This truncation can result in a loss of precision, leading to inaccuracies in the amounts deducted for fees and the final amount received by the seller.

Vulnerability Details

Below is an example of the issue caused by the precision loss in the contracty

Assume the following inputs:

• order.price = 105

Current Behavior:

• fee = 105 / 100 = 1 (truncated from 1.05)

• sellerFee = 1 / 2 = 0 (truncated from 0.5)

• Seller receives: 105 - 0 = 105

• Owner receives: fee = 1

Expected Behavior (if precision was maintained):

• fee = 1.05

• sellerFee = 0.5

• Seller receives: 105 - 0.5 = 104.5

• Owner receives: fee = 1.05

Impact

• Details: Truncation in the fee calculation (fee) reduces the platform's revenue. The discrepancy may seem minor for a single transaction but can scale with a high transaction volume.

• Impact: The platform owner collects slightly less revenue than intended.

Tools Used

Manual review

Recommendations

Use Fixed-Point Arithmetic:
Perform calculations with higher precision by scaling values, e.g., multiply by 1e18 before performing division and divide the result by 1e18 after: