Root + Impact

Description

• Normal behavior: In decentralized trading protocols, the owner typically has the privilege to adjust trading fees to manage platform sustainability, attract liquidity, or respond to market shifts. This adjustment is expected to occur within a reasonable range (like 0.1% - 1%) to balance platform revenue against user incentives.

• Issue: In this contract, the setFee function has no maximum cap, meaning the owner (or anyone with control of the private key) could maliciously or accidentally set the fee to an extremely high value, such as 1000%. This transforms the protocol into an unfair system where users lose most or all of their trading capital to fees, violating the basic economic trust model required for participation.

Risk

Likelihood:

• This risk materializes the moment the owner sets the fee above a competitive market norm, which could happen by mistake or as a deliberate rug pull.

• Since there's no technical constraint, the only safeguard is human trust in the owner's intentions and operational security against private key compromise.

Impact:

• Any excessive fee instantly redirects user trade funds to the protocol treasury, potentially wiping out liquidity providers or traders.

• Trust in the platform collapses, leading to massive liquidity withdrawal, protocol death, and possible reputational damage to the ecosystem.

Proof of Concept

This shows how trivially the owner can call setFee with an extreme parameter. Any subsequent trade by users results in nearly their entire transaction value being consumed as fees. The PoC highlights how a single transaction by the owner breaks the economic safety of all future protocol interactions.

Recommended Mitigation

This mitigation ensures that, regardless of owner intentions or key compromise, the fee cannot exceed 10%. It protects the core economic fairness of the protocol by making abusive fee rates structurally impossible. This also aligns with best practices in DeFi governance, where critical parameters should have safe bounds.