Platform: Code4rena
Start Date: 09/12/2022
Pot Size: $90,500 USDC
Total HM: 35
Participants: 84
Period: 7 days
Judge: GalloDaSballo
Total Solo HM: 12
Id: 192
League: ETH
Rank: 80/84
Findings: 1
Award: $1.15
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0xA5DF
Also found by: 0xA5DF, 0xNazgul, 0xSmartContract, 0xbepresent, 0xdeadbeef0x, 8olidity, Englave, Faith, HE1M, JohnnyTime, Madalad, Mukund, Ruhum, SmartSek, __141345__, aviggiano, carlitox477, cccz, chaduke, francoHacker, gz627, gzeon, hansfriese, hihen, imare, jadezti, kwhuo68, ladboy233, orion, peanuts, philogy, rbserver, wait, yjrwkk
1.1472 USDC - $1.15
An admin may set unconstrained fees for opening and closing trades in the Trading.sol smart contract, in the setFees function.
An admin mistakenly (or deliberately, maliciously) might add a fee that is very large, which will lead to users loosing money using the trading platform, also the admin might set a fee higher than 100% which will make the trading contract unusable since transactions will be reverted.
Manual Review
Add relevant checks and constrains before setting the fees, especially dao and burn fees.
#0 - TriHaz
2022-12-23T02:16:52Z
Duplicate of #15
#1 - c4-judge
2022-12-23T17:56:37Z
GalloDaSballo marked the issue as duplicate of #514
#2 - c4-judge
2023-01-22T13:48:26Z
GalloDaSballo marked the issue as duplicate of #377
#3 - c4-judge
2023-01-22T17:35:04Z
GalloDaSballo marked the issue as satisfactory