OrderBook

First Flight #43
Beginner Friendly | Solidity
Submission Details
Severity: low
Valid

Fee Calculation Precision Loss Vulnerability

Root + Impact

Integer division truncates small fee values to zero, so micro-orders avoid protocol fees entirely.

Description

  • Normal behavior: All trades should pay a consistent 3% fee regardless of order size.

  • The specific issue: Integer division causes fees to round down to zero for small-value orders, creating a fee avoidance loophole.

function buyOrder(uint256 _orderId) public {
@> uint256 protocolFee = (order.priceInUSDC * FEE) / PRECISION;
// When priceInUSDC * FEE < PRECISION (100), fee = 0
// Example: (1 USDC * 3) / 100 = 0.03 → truncates to 0
}

Risk

Likelihood:

  • Occurs automatically for any order where (price × 3) < 100

  • Becomes systematic when attackers deliberately create micro-orders

Impact:

  • Protocol loses fee revenue on small trades

  • Creates unfair advantage for traders exploiting the loophole

Proof of Concept

// Attack:
1. Attacker creates 1000 orders of 1 wei @ 1 USDC:
createSellOrder(token, 1, 1e6, 1 days);
2. Protocol calculates the fee for each order:
(1 * 3) / 100 = 0 (instead of 0.03 USDC)
3. Result:
- 1000 trades executed
- $0 fees collected (should be $30)
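As an added illustration (not the OrderBook contract's code), the following Python models the fee arithmetic with Solidity-style integer division, lists the prices (in USDC base units) that pay zero fee, and contrasts it with a ceiling-division variant; it also shows that scaling FEE and PRECISION by the same factor leaves the zero-fee set unchanged. Function names are my own.

```python
# Added example, not part of the OrderBook submission or contract.
# Models `(order.priceInUSDC * FEE) / PRECISION` with Python integer
# division, which (for non-negative operands) truncates like Solidity.
FEE = 3          # 3% fee, as in the contract
PRECISION = 100


def fee_floor(price_usdc: int, fee: int = FEE, precision: int = PRECISION) -> int:
    """The contract's formula: fractional fee units are truncated to zero."""
    return (price_usdc * fee) // precision


def fee_ceil(price_usdc: int, fee: int = FEE, precision: int = PRECISION) -> int:
    """Ceiling division: every non-zero order pays at least 1 base unit."""
    if price_usdc == 0:
        return 0
    return (price_usdc * fee + precision - 1) // precision


def zero_fee_prices(fee_fn, max_price: int) -> list[int]:
    """Every price in [1, max_price] for which fee_fn charges nothing."""
    return [p for p in range(1, max_price + 1) if fee_fn(p) == 0]


def revenue(fee_fn, prices) -> int:
    """Total fee collected over a list of order prices."""
    return sum(fee_fn(p) for p in prices)


if __name__ == "__main__":
    # Constructed scenario: 1000 micro-orders priced at 1 base unit each.
    micro_orders = [1] * 1000
    print("zero-fee prices (floor):", zero_fee_prices(fee_floor, 100))
    # Same ratio, larger constants: the zero-fee set does not shrink.
    scaled = lambda p: fee_floor(p, 3 * 10**18, 100 * 10**18)
    print("zero-fee prices (scaled):", zero_fee_prices(scaled, 100))
    print("zero-fee prices (ceil):", zero_fee_prices(fee_ceil, 100))
    print("revenue floor/ceil:", revenue(fee_floor, micro_orders),
          revenue(fee_ceil, micro_orders))
```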

Recommended Mitigation

- uint256 public constant FEE = 3;
+ uint256 public constant FEE = 3e18; // Use 18-decimal precision
- uint256 public constant PRECISION = 100;
+ uint256 public constant PRECISION = 100 e18; // Use 18-decimal precision
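Review bot: scaling FEE and PRECISION by the same factor does not change the quotient, so `(order.priceInUSDC * FEE) / PRECISION` still truncates to zero for exactly the same orders (any priceInUSDC with priceInUSDC * 3 < 100), and this mitigation as written does not close the loophole; consider instead rounding the fee up, e.g. `(order.priceInUSDC * FEE + PRECISION - 1) / PRECISION`, or reverting when the computed fee is zero / enforcing a minimum order value. Also, `100 e18` contains a space and will not compile; it should read `100e18`.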
Updates

Lead Judging Commences

yeahchibyke Lead Judge about 1 month ago
Submission Judgement Published
Validated
Assigned finding tags:

Fee can be bypassed

Protocol Suffers Potential Revenue Leakage due to Precision Loss in Fee Calculation
