OrderBook

First Flight #43
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: low
Valid

Protocol fee rounding error (integer division)

Root + Impact

Description

  • The protocol fee is computed via integer division:

uint256 protocolFee = (order.priceInUSDC * FEE) / PRECISION;
uint256 sellerReceives = order.priceInUSDC - protocolFee;

Because Solidity truncates toward zero, any fractional remainder is lost. For example, if priceInUSDC * FEE is not evenly divisible by 100, the protocol fee will round down. In extreme cases, a very small order can yield a zero fee: (1 * 3) / 100 == 0. That means the protocol (owner) may receive less than the full 3%.

Risk

Likelihood: High

  • Integer division is always used here. Any order price not a multiple of 100 USDC units causes truncation.

Impact: Low

  • The owner simply collects slightly less than 3%. Small losses accumulate on many trades, but this is not an exploitable loss to attackers—only a minor accounting discrepancy.

Proof of Concept

// Example: very small price
uint256 price = 1; // e.g., 0.000001 USDC if decimals = 6
uint256 fee = (price * 3) / 100; // fee = 0 (rounded down)
uint256 sellerReceives = price - fee; // = 1 USDC unit
// Owner collects 0, seller gets 1 (i.e., 0% fee effectively)

This shows that a price of “1” yields a 0 fee due to rounding.

Recommended Mitigation

- uint256 protocolFee = (order.priceInUSDC * FEE) / PRECISION;
+ // Round up to ensure minimal fee
+ uint256 protocolFee = (order.priceInUSDC * FEE + PRECISION - 1) / PRECISION;
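Review bot: the round-up does not remove the rounding loss, it moves it from the owner onto the seller, and the prose should say so. With `PRECISION - 1` added, a price of 1 yields `protocolFee = (3 + 99) / 100 = 1` and `sellerReceives = 0`, i.e. a 100% fee on that order, and every order not a multiple of 100 now over-collects by up to one unit. Suggest changing the comment `// Round up to ensure minimal fee` to state that the fee is rounded up to the nearest unit (over-collecting by at most 1 unit per order) so a reader does not take it as an exactness guarantee, and consider documenting the seller-side dust as the accepted trade-off.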

Adjusting the calculation to round up (adding PRECISION - 1 before dividing, the standard ceiling-division idiom) ensures at least 1 unit of fee is collected whenever the exact fee is non-zero, so the fee can no longer truncate to zero. The collected amount then tracks the intended 3% more closely, even for very small prices.
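The following is an added worked example, not code from the report or from the OrderBook project: it models the fee arithmetic described above over a constructed batch of USDC prices, quantifies how much the truncating division under-collects against an exact 3%, and shows what the round-up mitigation does to the same batch (including the price = 1 case, where the seller receives nothing). FEE = 3 and PRECISION = 100 are assumed from the report; the sample prices are constructed.

```python
# Added example modelling the OrderBook fee rounding issue (not project code).
# Python's // floors like Solidity's / for non-negative operands, so the
# arithmetic below matches the contract's uint256 behaviour.

FEE = 3          # 3 % fee (assumed from the report)
PRECISION = 100  # divisor in the contract (assumed from the report)


def fee_truncating(price: int) -> int:
    """Fee exactly as the contract computes it: truncating division."""
    return (price * FEE) // PRECISION


def fee_round_up(price: int) -> int:
    """Fee with the recommended `+ PRECISION - 1` ceiling division."""
    return (price * FEE + PRECISION - 1) // PRECISION


def settle(price: int, fee_fn) -> tuple[int, int]:
    """Return (protocolFee, sellerReceives) for one filled order."""
    fee = fee_fn(price)
    return fee, price - fee


def leakage(prices, fee_fn) -> dict:
    """Compare fees actually collected over a batch with the exact 3 %.

    The exact total is kept scaled by PRECISION so it stays an integer;
    a positive shortfall means the owner under-collects, negative means
    the owner over-collects (and sellers lose the difference)."""
    collected = sum(fee_fn(p) for p in prices)
    exact_scaled = sum(p * FEE for p in prices)
    return {
        "collected": collected,
        "exact_scaled_by_100": exact_scaled,
        "shortfall_x100": exact_scaled - collected * PRECISION,
    }


# Constructed sample batch: prices in USDC base units (6 decimals),
# mostly not multiples of 100 so truncation bites on each one.
SAMPLE_PRICES = [1, 33, 50, 99, 101, 250, 1_000_000]

if __name__ == "__main__":
    for p in SAMPLE_PRICES:
        print(p, settle(p, fee_truncating), settle(p, fee_round_up))
    print("truncating:", leakage(SAMPLE_PRICES, fee_truncating))
    print("round-up:  ", leakage(SAMPLE_PRICES, fee_round_up))
```

Over this batch the truncating version leaves 302 hundredths of a unit uncollected, while the round-up version over-collects 298 hundredths, with the price = 1 order settling as fee 1, seller 0.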

Updates

Lead Judging Commences

yeahchibyke Lead Judge
about 1 month ago
Submission Judgement Published
Validated
Assigned finding tags:

Fee can be bypassed

Protocol Suffers Potential Revenue Leakage due to Precision Loss in Fee Calculation
