OrderBook

First Flight #43
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: low
Valid

Fee Calculation Precision Loss Vulnerability

Root + Impact

Integer division truncates small fee values to zero, allowing micro-orders to avoid protocol fees entirely.

Description

  • Normal behavior: All trades should pay a consistent 3% fee regardless of order size.

  • The specific issue: Integer division causes fees to round down to zero for small-value orders, creating a fee avoidance loophole.

function buyOrder(uint256 _orderId) public {
@> uint256 protocolFee = (order.priceInUSDC * FEE) / PRECISION;
// When priceInUSDC * FEE < PRECISION (100), fee = 0
// Example: (1 USDC * 3) / 100 = 0.03 → truncates to 0
}
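As an added example (not code from the OrderBook contract or from this submission), the following Python models the fee arithmetic of buyOrder() with floor division to show exactly which priceInUSDC values truncate to a zero fee, and checks what scaling both constants by 1e18 does to the result. It assumes priceInUSDC is expressed in 6-decimal USDC base units; the round-up variant is an alternative rounding rule shown for comparison, not something proposed on the page.

```python
# Added example, not the OrderBook contract's code. Python's // floors like
# Solidity's uint256 division, so the arithmetic below mirrors
# (order.priceInUSDC * FEE) / PRECISION exactly.
# Assumption: priceInUSDC is in USDC base units (6 decimals), 1 USDC = 1_000_000.

FEE = 3            # 3 %, as in the contract excerpt
PRECISION = 100


def protocol_fee(price: int, fee: int = FEE, precision: int = PRECISION) -> int:
    """Floor-division fee, the formula flagged in buyOrder()."""
    return (price * fee) // precision


def min_fee_paying_price(fee: int = FEE, precision: int = PRECISION) -> int:
    """Smallest price with a nonzero fee: fee > 0 iff price * fee >= precision."""
    return -(-precision // fee)            # ceil(precision / fee)


def zero_fee_prices(fee: int = FEE, precision: int = PRECISION) -> list[int]:
    """Every positive price (base units) on which the protocol collects nothing."""
    return list(range(1, min_fee_paying_price(fee, precision)))


def protocol_fee_round_up(price: int, fee: int = FEE, precision: int = PRECISION) -> int:
    """Comparison rule (not from the page): round the fee up, so any nonzero
    price pays at least 1 base unit. Equivalent to ceil(price * fee / precision)."""
    return -(-(price * fee) // precision)


def revenue(prices: list[int], fee_fn=protocol_fee) -> int:
    """Total fee collected over a batch of orders under a given fee rule."""
    return sum(fee_fn(p) for p in prices)


if __name__ == "__main__":
    print("prices paying zero fee:", zero_fee_prices())        # 1 .. 33 base units
    print("fee on 1 USDC (1_000_000 base units):", protocol_fee(1_000_000))

    # Constructed batch: 1000 orders priced at 33 base units (0.000033 USDC) each
    batch = [33] * 1000
    print("floor-division revenue on batch:", revenue(batch))
    print("round-up revenue on batch:", revenue(batch, protocol_fee_round_up))

    # Scaling FEE and PRECISION by the same 1e18 factor leaves the quotient unchanged
    scaled = sum(protocol_fee(p, 3 * 10**18, 100 * 10**18) for p in batch)
    print("revenue with FEE=3e18, PRECISION=100e18:", scaled)
```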

Risk

Likelihood:

  • Occurs automatically for any order where (price × 3) < 100

  • Becomes systematic when attackers deliberately create micro-orders

Impact:

  • Protocol loses fee revenue on small trades

  • Creates unfair advantage for traders exploiting the loophole

Proof of Concept

// Attack:
1. Attacker creates 1000 orders of 1 wei @ 1 USDC:
   createSellOrder(token, 1, 1e6, 1 days);
2. Protocol calculates fee:
   (1 * 3) / 100 = 0 (instead of 0.03 USDC)
3. Result:
   - 1000 trades executed
   - $0 fees collected (should be $30)

Recommended Mitigation

- uint256 public constant FEE = 3;
+ uint256 public constant FEE = 3e18; // Use 18-decimal precision
- uint256 public constant PRECISION = 100;
+ uint256 public constant PRECISION = 100 e18; // Use 18-decimal precision
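Review bot: scaling FEE and PRECISION by the same factor does not change the quotient, so this hunk does not close the loophole: (priceInUSDC * 3e18) / 100e18 equals (priceInUSDC * 3) / 100 for every uint256 price, and the fee still floors to 0 for any price below 34 base units. A fix has to change the rounding or enforce a floor, for example computing the fee with round-up division or charging a minimum fee when the computed fee is 0. Separately, `100 e18` with a space is not a valid Solidity literal; write `100e18`.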

Updates

Lead Judging Commences

yeahchibyke (Lead Judge), 5 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Fee can be bypassed

Protocol Suffers Potential Revenue Leakage due to Precision Loss in Fee Calculation
