Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

division by zero in BoostController::getBoostMultiplier

0xgondar

Details

BoostController::getBoostMultiplier attempts to calculate the current boost multiplier for a user in a pool. The problem is, baseAmount is not properly scaled before division, which could lead it into rounding down to zero in small (not so small too actually) amounts.

uint256 baseAmount = (userBoost.amount * 10000) / MAX_BOOST;

MAX_BOOST is defined as 25000.

When baseAmount rounds down to zero, the following return statement return (userBoost.amount * 10000) / baseAmount; will revert due to division by zero.

Resulting in the failure of the calculation of current boost multiplier for a user in a pool.

/**
* @notice Calculates the current boost multiplier for a user in a pool
* @param user Address of the user
* @param pool Address of the pool
* @return Current boost multiplier in basis points (1e4)
*/
function getBoostMultiplier(
address user,
address pool
) external view override returns (uint256) {
if (!supportedPools[pool]) revert PoolNotSupported();
UserBoost storage userBoost = userBoosts[user][pool];
if (userBoost.amount == 0) return MIN_BOOST;
// Calculate actual boost multiplier in basis points
uint256 baseAmount = (userBoost.amount * 10000) / MAX_BOOST; //@audit this will round down to zero
return (userBoost.amount * 10000) / baseAmount; //! when it does round down to zero, this will revert because of division by zero
}

Impact

User’s current boost multiplier in a pool cannot be calculated in small boost amounts, breaking the application logic.

Updates

Lead Judging Commences

inallhonesty Lead Judge 3 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.