Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Precision Error when calculating the penalty for not locking the reward #279

Open
code423n4 opened this issue May 25, 2022 · 2 comments
Open

Precision Error when calculating the penalty for not locking the reward #279

code423n4 opened this issue May 25, 2022 · 2 comments
Labels
bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue

Comments

@code423n4
Copy link
Contributor

Lines of code

https://github.com/code-423n4/2022-05-aura/blob/4989a2077546a5394e3650bf3c224669a0f7e690/contracts/AuraBalRewardPool.sol#L176-L190

Vulnerability details

The penalty calculation, when a user does not lock his reward, encounters precision loss when reward cannot be completely divisible. This could lower the amount of penalty that the protocal expects to receive. The severity of the issue increases when a user getReward when his reward is small. And if a bulf of users decide to do the same thing, the protocal could potentially miss a huge penalty.

proof of concept

-A user getReward when his reward is at around 99
-The penalty will be 198/10 or 19.8 but, since there is no float point in solidity, the penalty will be rounded down to 19
-The penalty's percentage will be at around 19.1% instead of 20% as stated

mitigation

Since the severity will decline as accumulated reward goes up, it would be best to set the minimum reward that a user must first accumulates before getReward
@code423n4 code423n4 added 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working labels May 25, 2022
code423n4 added a commit that referenced this issue May 25, 2022
@code423n4
Kumpa issue #279
ac5b14b
@0xMaharishi 0xMaharishi added invalid This doesn't seem right sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue labels May 28, 2022
@0xMaharishi
Copy link

1 base unit (i.e. 0.00000000000000001 of a token) is an acceptable rounding error

@dmvt
Copy link
Collaborator

dmvt commented Jun 22, 2022

I'm lowering this to QA. It is technically true, but the loss is insignificant.

@dmvt dmvt added QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax and removed 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value labels Jun 22, 2022
@dmvt dmvt removed the invalid This doesn't seem right label Jul 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dmvt @code423n4 @0xMaharishi