Missing `baseFeeUsd` Field in DexSwapStrategy.Data Struct
Summary
The DexSwapStrategy.Data struct is missing the baseFeeUsd field, which is explicitly documented in the NatSpec comment. This discrepancy can lead to:
Incorrect Functionality: If the protocol relies on
baseFeeUsdfor fee calculations or keeper cost coverage, the absence of this field will cause unexpected behavior.Documentation Mismatch: The NatSpec comment explicitly mentions
baseFeeUsd, but the struct does not include it, leading to confusion for developers and auditors.Potential Runtime Errors: If external contracts or functions attempt to access or modify
baseFeeUsd, the code will fail to compile or behave incorrectly.
Vulnerability Details
Impact
Functional Impact: The protocol may fail to calculate or distribute fees correctly, leading to financial discrepancies or keeper cost coverage issues.
Developer Impact: Developers relying on the NatSpec documentation may write code assuming the presence of
baseFeeUsd, leading to compilation errors or runtime issues.Auditor Impact: Auditors may flag this as a critical inconsistency, delaying the review process.
Tools Used
Manual Review
Recommendations
Add the missing baseFeeUsd field to the Data struct to align with the NatSpec documentation. The corrected struct should look like this:
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.