Fees Types Values for Buy/Swap Tax and NFT Royalty are improperly set.
Summary
Fee Types Value From The FeeCollector::contructor is initialized with the protocol ruleSLOC#148-149, but the fee percentage is set improperly.
Vulnerability Details
When FeeCollector contract is deployed by the admin of the protocol that it initialize the fees function SLOC#149
If we check that it set the value for 7 different fees Types in that Swap Tax and NFT Royalty type fees SLOC#378-393 doesnt follow the net spec where in the Buy / Swap tax should be 2% according to the spec but here in the if we look at the function carefully it veRAACShare is 500 means 5% and burnShare is 500 means 5% and repairShare is 1000 means 10% means total would be 20% instead of the 2% SLOC#379.
Same For the NFT Royalty Fees Set veRAACShare is 500 means 5% and repairShare is 1000 means 10% and treasuryShare is 500 means 5% total would be 20% instead of the 2% SLOC#387. Contract Sets fees on basis points.
Impact
According to the FeeCollector Contract user will be paying more fees than the provided information from the netspec.
Tools Used
Manual Review
Recommended Mitigation
Lead Judging Commences
Fee shares for fee type 6 and 7 inside FeeCollector do not total up to the expected 10000 basis points, this leads to update problems, moreover they are 10x the specifications
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.