Due to Wrong Basis Point Calculation, Fee Allocation on Swap Tax and NFT Royalties is Multiplied by 10x
Summary
The FeeCollector contract incorrectly uses basis point values for feeTypes[6] and feeTypes[7]. The comments indicate that these should represent 0.5% and 1.0% fees respectively, yet the code uses 500 and 1000, which on a 10,000 basis point scale equate to 5% and 10%. This misconfiguration will lead to higher fees than intended, thereby messing with the protocol’s fee distribution.
Vulnerability Details
In the FeeCollector contract, feeTypes for Swap Tax and NFT Royalty Fees are defined as follows:
As we know, a 10,000 basis point scale is used, where 10,000 represents 100%. Therefore, 0.5% should be 50 basis points (i.e., 50/10,000 = 0.005 or 0.5%), and 1.0% should be 100 basis points.
However, the code uses 500 instead of 50 and 1000 instead of 100. This error means that instead of assigning 0.5% and 1.0%, the contract is effectively assigning 5% and 10% for the respective fee components.
Impact
If this misconfiguration is not corrected, the contract will allocate fees at rates 10 times higher than intended for these fee types.
Tools Used
Manual Code Review
Recommendations
Update feeTypes[6] and feeTypes[7] to use 50 and 100 where appropriate, ensuring that the values correctly represent 0.5% and 1.0%.
Lead Judging Commences
Fee shares for fee type 6 and 7 inside FeeCollector do not total up to the expected 10000 basis points, this leads to update problems, moreover they are 10x the specifications
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.