Vanguard

First Flight #56
Beginner Friendly, DeFi, Foundry
Submission Details
Impact: medium
Likelihood: high

Constructor Allows Zero phasePenaltyBps - Penalty Phase Without Economic Deterrent

Author: Revealed upon completion

Description

Normal Behavior: The penalty fee mechanism (phasePenaltyBps) should impose a meaningful economic cost on users who exceed their swap limits, deterring excessive selling during token launches.

Issue: The constructor allows deploying with phasePenaltyBps set to 0, completely disabling the penalty mechanism.

Root Cause

The constructor does not validate that phase1PenaltyBps and phase2PenaltyBps are greater than zero:

constructor(/* params */) {
    // No validation that penalty > 0
    phase1PenaltyBps = _phase1PenaltyBps; // Can be 0
    phase2PenaltyBps = _phase2PenaltyBps; // Can be 0
}

Impact

  • No Economic Deterrent: Users can exceed limits without financial penalty

  • Anti-Bot Mechanism Weakened: Bots can sell aggressively knowing there's no fee penalty

  • Protocol Goal Defeated: The penalty system exists specifically to discourage large sells

Proof of Concept

// Deploy with zero penalty
TokenLaunchHook hook = new TokenLaunchHook(
    poolManager,
    1000, // phase1LimitBps
    500,  // phase2LimitBps
    0,    // phase1PenaltyBps = 0 (NO PENALTY!)
    0,    // phase2PenaltyBps = 0 (NO PENALTY!)
    100,  // phase1Cooldown
    50,   // phase2Cooldown
    1000, // phase1Blocks
    2000  // phase2Blocks
);
// User exceeds limit but pays NO extra fee
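
A Foundry regression test for the zero-penalty deployment shown in the proof of concept, added here as an example and not taken from the submission or the Vanguard code base. `PenaltyConfig`, its custom errors and the `MAX_BPS` upper bound are hypothetical stand-ins that model only the two penalty fields; the real hook's constructor takes more parameters.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Hypothetical stand-in: NOT the real TokenLaunchHook, only the two
// penalty fields discussed in this finding.
contract PenaltyConfig {
    error ZeroPenalty(uint8 phase);
    error PenaltyAboveMax(uint8 phase, uint256 bps);

    // Assumption: penalties are capped at 100% (10_000 basis points).
    uint256 public constant MAX_BPS = 10_000;
    uint256 public immutable phase1PenaltyBps;
    uint256 public immutable phase2PenaltyBps;

    constructor(uint256 _phase1PenaltyBps, uint256 _phase2PenaltyBps) {
        _check(1, _phase1PenaltyBps);
        _check(2, _phase2PenaltyBps);
        phase1PenaltyBps = _phase1PenaltyBps;
        phase2PenaltyBps = _phase2PenaltyBps;
    }

    function _check(uint8 phase, uint256 bps) private pure {
        if (bps == 0) revert ZeroPenalty(phase);
        if (bps > MAX_BPS) revert PenaltyAboveMax(phase, bps);
    }
}

contract PenaltyConfigTest is Test {
    // 500 is a constructed sample value for the phase that is not under test.
    function test_RevertWhen_EitherPenaltyIsZero() public {
        vm.expectRevert(abi.encodeWithSelector(PenaltyConfig.ZeroPenalty.selector, uint8(1)));
        new PenaltyConfig(0, 500);
        vm.expectRevert(abi.encodeWithSelector(PenaltyConfig.ZeroPenalty.selector, uint8(2)));
        new PenaltyConfig(500, 0);
    }

    function test_RevertWhen_PenaltyExceedsMax() public {
        vm.expectRevert(
            abi.encodeWithSelector(PenaltyConfig.PenaltyAboveMax.selector, uint8(1), uint256(10_001))
        );
        new PenaltyConfig(10_001, 500);
    }

    // Every in-range pair must deploy and be stored unchanged.
    function testFuzz_AcceptsInRangePenalties(uint256 p1, uint256 p2) public {
        p1 = bound(p1, 1, 10_000);
        p2 = bound(p2, 1, 10_000);
        PenaltyConfig cfg = new PenaltyConfig(p1, p2);
        assertEq(cfg.phase1PenaltyBps(), p1);
        assertEq(cfg.phase2PenaltyBps(), p2);
    }
}
```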

Recommended Mitigation

constructor(/* params */) {
+ require(_phase1PenaltyBps > 0, "Phase 1 penalty required");
+ require(_phase2PenaltyBps > 0, "Phase 2 penalty required");
phase1PenaltyBps = _phase1PenaltyBps;
phase2PenaltyBps = _phase2PenaltyBps;
}
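
Review bot: the `> 0` bound in both added require lines still accepts a penalty of 1 bps, which passes the check but is hard to square with the "meaningful economic cost" the description asks for. Compare each value against a named minimum constant instead, and add an upper bound in the same place, since nothing in the visible constructor lines caps either penalty. The two revert strings could also become custom errors.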
