Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: low

Valid

Wrong Fee Type Initialization inside the FeeCollector Leads to Imprecise Fee Share Distribution

matin

Summary

Some fee shares (Buy/Sell Swap Tax and NFT Royalty Fees) are wrongly initialized inside the FeeCollector which makes the share recipients get imprecise fees. There is two major issues, one of them is deviating from the comments inside the code and the second one is violation of summation rule.

Vulnerability Details

According to the documents and natspec comments, we infer that there is a discrepancy when initializing the weights for different fee types. Especially if we take into account the natspec docs, the sum of the four fee share types should be equal to 10000 which is 100% in the basis point (even for insurance fees is a total of 3% from NFT loans). However, for the last two fee types (Buy/Sell Swap Tax (2% total) and NFT Royalty Fees (2% total)) there is no restriction and the sum of the fee shares is equal to 2000 or 20%.

Also if we consider the natspec comments here, we can see that the protocol intends to allocate the mentioned percentages with a basis point of 10000:

// Buy/Sell Swap Tax (2% total)

feeTypes[6] = FeeType({

veRAACShare: 500, // 0.5%

burnShare: 500, // 0.5%

repairShare: 1000, // 1.0%

treasuryShare: 0

});

// NFT Royalty Fees (2% total)

feeTypes[7] = FeeType({

veRAACShare: 500, // 0.5%

burnShare: 0,

repairShare: 1000, // 1.0%

treasuryShare: 500 // 0.5%

});

https://github.com/Cyfrin/2025-02-raac/blob/main/contracts/core/collectors/FeeCollector.sol#L379-L393

However, there is a discrepancy between the implemented code and the comment here as the 0.5% is not equal to 500 but 50 and 1% must be 100 instead of 1000.
So, here for the last two fee types, there are two main issues with the fee share distribution weights:

The sum of fee shares is not equal to the basis point (even is not equal to the 2% total mentioned in the natspec comment).
The comments deviate from the implemented code and show a 10x discrepancy.

Impact

Imprecise fee share distribution for the four shareholders due to the wrong initialized weights for the last two fee types (Buy/Sell Swap Tax and NFT Royalty Fees)

Tools Used

Manual

Recommendations

Consider modifying the weights for the last two fee types (Buy/Sell Swap Tax and NFT Royalty Fees) to ensure the correct percentages and also the summation rule (which should be equal to the basis point). Also, consider correcting the natspec comments.

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago

Submission Judgement Published

Validated

Assigned finding tags:

Fee shares for fee type 6 and 7 inside FeeCollector do not total up to the expected 10000 basis points, this leads to update problems, moreover they are 10x the specifications

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!