Canto Application Specific Dollars and Bonding Curves for 1155s - firmanregar's results

Tokenizable bonding curves using a Stablecoin-as-a-Service token

General Information

Platform: Code4rena

Start Date: 13/11/2023

Pot Size: $24,500 USDC

Total HM: 3

Participants: 120

Period: 4 days

Judge: 0xTheC0der

Id: 306

League: ETH

Canto

Findings Distribution

Researcher Performance

Rank: 73/120

Findings: 1

Award: $4.08

QA:

grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Canto

Findings Information

🌟 Selected for report: chaduke

Also found by: 0xpiken, Bauchibred, Matin, MohammedRizwan, MrPotatoMagic, OMEN, Pheonix, SandNallani, T1MOH, Topmark, ZanyBonzy, adriro, aslanbek, ayden, bareli, bart1e, bin2chen, btk, cheatc0d3, codynhat, critical-or-high, d3e4, erebus, firmanregar, hunter_w3b, jasonxiale, kaveyjoe, ksk2345, lsaudit, max10afternoon, merlinboii, nailkhalimov, osmanozdemir1, peanuts, pep7siup, pontifex, sbaudh6, shenwilly, sl1, tourist, wisdomn_, young, zhaojie

Awards

4.0797 USDC - $4.08

Labels

bug

downgraded by judge

grade-b

insufficient quality report

primary issue

QA (Quality Assurance)

Q-44

External Links

Link to GitHub issue

Lines of code

https://github.com/code-423n4/2023-11-canto/blob/ffda16eee803a256d18ce90e740d71e986dee1e7/1155tech-contracts/src/Market.sol#L285 https://github.com/code-423n4/2023-11-canto/blob/ffda16eee803a256d18ce90e740d71e986dee1e7/1155tech-contracts/src/Market.sol#L290

Vulnerability details

Impact

Performing division before multiplication can lead to precision loss. If the dividend is large, dividing early can lead to truncation or rounding errors.

If the divisor can be zero and you divide before checking, it may result in a runtime error or unexpected behavior, potentially leaving the contract in an inconsistent state.

In certain financial or mathematical calculations, the order of operations can impact the security of the contract. Incorrect calculations may lead to unintended financial consequences.

Proof of Concept

Market._splitFees(uint256,uint256,uint256) (1155tech-contracts/src/Market.sol#280-296) performs a multiplication on the result of a division:

shareHolderFee = (_fee * HOLDER_CUT_BPS) / 10_000 (1155tech-contracts/src/Market.sol#285)
shareData[_id].shareHolderRewardsPerTokenScaled += (shareHolderFee * 1e18) / _tokenCount (1155tech-contracts/src/Market.sol#290)

Tools Used

Manual Review

Recommended Mitigation Steps

Consider ordering multiplication before division.

Assessed type

Math

#0 - c4-pre-sort
2023-11-18T09:26:42Z

minhquanym marked the issue as insufficient quality report

#1 - minhquanym
2023-11-18T09:27:47Z

negligible loss. Consider QA

#2 - c4-pre-sort
2023-11-18T09:31:52Z

minhquanym marked the issue as primary issue

#3 - c4-judge
2023-11-29T17:45:38Z

MarioPoneder changed the severity to QA (Quality Assurance)

#4 - c4-judge
2023-11-29T22:41:27Z

MarioPoneder marked the issue as grade-b

Canto Application Specific Dollars and Bonding Curves for 1155s - firmanregar's results

Tokenizable bonding curves using a Stablecoin-as-a-Service token

General Information

Findings Distribution

Researcher Performance

External Links

[Q-44] QA Report - $4.08

Findings Information

Awards

Labels

External Links

Lines of code

Vulnerability details

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

Assessed type

#0 - c4-pre-sort2023-11-18T09:26:42Z

#1 - minhquanym2023-11-18T09:27:47Z

#2 - c4-pre-sort2023-11-18T09:31:52Z

#3 - c4-judge2023-11-29T17:45:38Z

#4 - c4-judge2023-11-29T22:41:27Z

#0 - c4-pre-sort
2023-11-18T09:26:42Z

#1 - minhquanym
2023-11-18T09:27:47Z

#2 - c4-pre-sort
2023-11-18T09:31:52Z

#3 - c4-judge
2023-11-29T17:45:38Z

#4 - c4-judge
2023-11-29T22:41:27Z