Platform: Code4rena
Start Date: 07/09/2022
Pot Size: $20,000 CANTO
Total HM: 7
Participants: 65
Period: 1 day
Judge: 0xean
Total Solo HM: 3
Id: 159
League: ETH
Rank: 59/65
Findings: 1
Award: $39.22
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: lukris02
Also found by: 0x040, 0x1f8b, 0x52, 0xA5DF, 0xNazgul, 0xSky, Bnke0x0, Bronicle, CertoraInc, Chom, CodingNameKiki, Deivitto, Diraco, Dravee, EthLedger, IgnacioB, JC, JansenC, Jeiwan, R2, RaymondFam, ReyAdmirado, Rolezn, SinceJuly, TomJ, Tomo, Yiko, a12jmx, ajtra, ak1, codexploder, cryptphi, csanuragjain, erictee, fatherOfBlocks, gogo, hake, hansfriese, hickuphh3, ignacio, ontofractal, oyc_109, p_crypt0, pashov, peritoflores, rajatbeladiya, rbserver, rokinot, rvierdiiev, tnevler
242.8216 CANTO - $39.22
https://github.com/code-423n4/2022-09-canto/blob/6f98ffa7ec55c2ca03aa4cd2301503487f0c412d/src/Swap/BaseV1-core.sol#L387 https://github.com/code-423n4/2022-09-canto/blob/6f98ffa7ec55c2ca03aa4cd2301503487f0c412d/src/Swap/BaseV1-core.sol#L391 https://github.com/code-423n4/2022-09-canto/blob/6f98ffa7ec55c2ca03aa4cd2301503487f0c412d/src/Swap/BaseV1-core.sol#L430 https://github.com/code-423n4/2022-09-canto/blob/6f98ffa7ec55c2ca03aa4cd2301503487f0c412d/src/Swap/BaseV1-core.sol#L441-L442
Solidity integer division discards the remainder, so a quotient that is later multiplied carries that rounding error into the final result. Performing the multiplication before the division avoids this loss of precision.
When the divisor is larger than the dividend, the intermediate quotient truncates to zero and the whole expression evaluates to zero. Example:
Normal math:
(10 / 20) * 2 => 1/2 * 2 = 1
Solidity:
(10 / 20) * 2 => 0 * 2 = 0
In Solidity it should be written as:
(2 * 10) / 20 = 1
Rustol and Slither
Perform multiplication before division.
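A worked model of the two orderings, as an added example that is not part of the finding or of the Canto repository. It emulates Solidity 0.8 checked uint256 arithmetic in Python, reproduces the (10 / 20) * 2 case above, and then shows the trade-off raised in the sponsor response below: cubing a 1e18-scaled value with a single final division overflows at realistic token amounts, while the stepwise form that divides after each multiplication stays in range at the cost of a bounded truncation. The cube helpers imitate that pattern and are illustrative assumptions, not the repository's own functions.

```python
# Added example: a Python model of Solidity >=0.8 checked uint256 arithmetic,
# used to compare "divide then multiply" against "multiply then divide".
# It is not code from the finding or from the Canto repository; the cube
# helpers imitate the 1e18-scaled cubing pattern described in the discussion
# and are illustrative assumptions, not the repository's own functions.

UINT256_MAX = 2**256 - 1
WAD = 10**18  # fixed-point scale used by the pool math


class Uint256Overflow(ArithmeticError):
    """Raised where Solidity >=0.8 checked arithmetic would revert."""


def _checked(value: int) -> int:
    if value < 0 or value > UINT256_MAX:
        raise Uint256Overflow(value)
    return value


def mul(a: int, b: int) -> int:
    return _checked(a * b)


def div(a: int, b: int) -> int:
    if b == 0:
        raise ZeroDivisionError("division by zero reverts in the EVM")
    # Operands are non-negative, so floor division equals EVM truncation.
    return a // b


def div_then_mul(a: int, b: int, c: int) -> int:
    """(a / b) * c: the remainder of a / b is lost before the multiply."""
    return mul(div(a, b), c)


def mul_then_div(a: int, b: int, c: int) -> int:
    """(a * c) / b: the ordering the finding recommends; one truncation at the end."""
    return div(mul(a, c), b)


def cube_wad_direct(x: int) -> int:
    """x**3 / 1e36 for WAD-scaled x: a single truncation, but x**3 must fit in uint256."""
    return div(mul(mul(x, x), x), WAD * WAD)


def cube_wad_stepwise(x: int) -> int:
    """(x * x / 1e18) * x / 1e18: truncates twice, but no intermediate exceeds x**3."""
    return div(mul(div(mul(x, x), WAD), x), WAD)


def stepwise_error_bound(x: int) -> int:
    """Largest possible shortfall of cube_wad_stepwise(x) relative to cube_wad_direct(x).

    floor(x*x / WAD) is short by less than 1; that deficit is multiplied by x
    and divided by WAD, so the final result is short by less than x / WAD + 1.
    """
    return x // WAD + 1


def reverts(fn, *args) -> bool:
    """True if the call would revert under checked arithmetic."""
    try:
        fn(*args)
    except Uint256Overflow:
        return True
    return False


if __name__ == "__main__":
    # The finding's example: dividing first truncates 10 / 20 to 0.
    print("(10 / 20) * 2 =", div_then_mul(10, 20, 2))  # 0
    print("(10 * 2) / 20 =", mul_then_div(10, 20, 2))  # 1

    # The sponsor's trade-off: 1e12 tokens in WAD is 1e30; cubing it directly
    # needs 1e90, far above 2**256 - 1 (about 1.16e77), so that form reverts.
    x = 10**30
    print("direct cube reverts:", reverts(cube_wad_direct, x))  # True
    print("stepwise cube:", cube_wad_stepwise(x))               # 10**54

    # Where both forms fit, the stepwise form is short by at most x // WAD + 1.
    x = 12345678901234567890123
    print("truncation:", cube_wad_direct(x) - cube_wad_stepwise(x),
          "<=", stepwise_error_bound(x))
```

The model makes the judge's impact question concrete: reordering to multiply first removes a truncation of at most x // WAD + 1 wei in the cube, but the same reordering makes the expression revert for any reserve above roughly 1e25 in WAD terms (x**3 exceeding 2**256), so the safe fix is not a blanket reordering but a case-by-case check of operand magnitudes.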
#0 - nivasan1
2022-09-09T23:59:11Z
In each of these cases, the numerators in the divisions are either scaled by 1e18 before the division, or the numerator is a product of two values scaled by 1e18. In either case, the final division un-scales the numerator. In other cases, cubing a value that is scaled by 1e18 opens the possibility of overflows with values that are very likely; as such, it is worth having some integer truncation in this arithmetic, as opposed to risking overflows.
#1 - 0xean
2022-09-14T18:46:40Z
The warden fails to show the impact of this issue, and therefore I do not believe this issue can be judged to be medium risk without a clear impact leading to the following:
2 — Med: Assets not at direct risk, but the function of the protocol or its availability could be impacted, or leak value with a hypothetical attack path with stated assumptions, but external requirements.
Downgrading to QA.