OrderBook

​

​

​

The contract charges a protocol fee using a low-precision calculation:

​

// @> fee logic based on small integers

uint256 protocolFee = (order.priceInUSDC * FEE) / PRECISION;

​

Where:

​

uint256 public constant FEE = 3; // 3%

uint256 public constant PRECISION = 100;

​

​

**Likelihood**:

​

* Happens on all small-value orders.

* Occurs when fees are fractional and round to zero.

​

**Impact**:

​

* Protocol earns no fees on low-value orders.

* Poor precision can cause rounding errors too.

​

​

Create a sell order with a very small `priceInUSDC`, such as **1 USDC** (which is `1e6` in USDC's 6 decimal format). The current fee calculation uses:

​

uint256 protocolFee = (order.priceInUSDC * FEE) / PRECISION;

​

Where:

​

FEE = 3;

PRECISION = 100;

​

This leads to:

​

protocolFee = (1e6 * 3) / 100 = 30000 (0.03 USDC) //0.03 = 0 in solidity as it doesnot support float

​

**Protocol earns 0 fee**, even though the user is using the system.

​

This issue is caused by Solidity’s integer division — **fractions are truncated**.

​

Even when the fee isn't completely zero, **rounding errors** can occur due to Solidity's **integer division**, which truncates toward zero.

​

Solidity doesn't handle floating-point math. So when you calculate fees like this:

​

uint256 protocolFee = (order.priceInUSDC * FEE) / PRECISION;

​

Any **fractional result is truncated**. For example:

​

(order.priceInUSDC = 101)

(FEE = 3)

(PRECISION = 100)

​

protocolFee = (101 * 3) / 100 = 3.03 → truncated to 3

​

So the protocol **loses 0.03 USDC** on this order. It’s small, but over millions of orders it accumulates.

​

​

Switch to 6-decimal fee precision to match USDC, e.g., 3% = `3e4`, precision = `1e6`.

​

- uint256 public constant FEE = 3;

- uint256 public constant PRECISION = 100;

+ uint256 public constant FEE = 30000; // 3% fee

+ uint256 public constant PRECISION = 1e6;

​