Panoptic - petro_1912's results

Permissionless, perpetual options trading on any token, any strike, any size.

General Information

Platform: Code4rena

Start Date: 01/04/2024

Pot Size: $120,000 USDC

Total HM: 11

Participants: 55

Period: 21 days

Judge: Picodes

Total Solo HM: 6

Id: 354

League: ETH

Panoptic

Findings Distribution

Researcher Performance

Rank: 8/55

Findings: 1

Award: $3,656.84

🌟 Selected for report: 1

🚀 Solo Findings: 0

Findings Information

🌟 Selected for report: petro_1912

Also found by: Joshuajee

Labels

bug
2 (Med Risk)
primary issue
satisfactory
selected for report
sponsor confirmed
:robot:_138_group
M-05

Awards

3656.842 USDC - $3,656.84

External Links

Lines of code

https://github.com/code-423n4/2024-04-panoptic/blob/main/contracts/CollateralTracker.sol#L247-L251

https://github.com/code-423n4/2024-04-panoptic/blob/main/contracts/CollateralTracker.sol#L261-L263

Vulnerability details

Impact

The swap commission is charged on the intrinsic value of a position based on s_ITMSpreadFee in the CollateralTracker contract. If s_ITMSpreadFee is zero, no swap commission can be charged at all.

Proof of Concept

    function startToken(
        bool underlyingIsToken0,
        address token0,
        address token1,
        uint24 fee,
        PanopticPool panopticPool
    ) external {

        __SNIP__
        // cache the pool fee in basis points
        uint24 _poolFee;
        unchecked {
            _poolFee = fee / 100; // @audit if fee is below 100 (0.01%), integer division gives _poolFee = 0
        }
        s_poolFee = _poolFee;

        ...

        __SNIP__
        // Additional risk premium charged on intrinsic value of ITM positions
        unchecked {
            // @audit _poolFee == 0 makes s_ITMSpreadFee == 0 as well
            s_ITMSpreadFee = uint128((ITM_SPREAD_MULTIPLIER * _poolFee) / DECIMALS);
        }
    }

As the code snippet above shows, if fee (the Uniswap pool fee, expressed in hundredths of a basis point) is below 100, then _poolFee and therefore s_ITMSpreadFee are zero. Currently there are no Uniswap V3 pools with a fee below 0.01%, but fee levels can be added by governance proposal, as happened in November 2021. The Uniswap Protocol documentation describes this as follows:

"Uniswap v3 introduces multiple pools for each token pair, each with a different swapping fee. Liquidity providers may initially create pools at three fee levels: 0.05%, 0.30%, and 1%. More fee levels may be added by UNI governance, e.g. the 0.01% fee level added by this governance proposal in November 2021, as executed here."

https://dune.com/jcarnes/The-StableSwap-Wars

Given the competition between protocols such as Uniswap and Carbon, more fee levels can be added in the future.

Indeed, there are already several discussions about lower fee levels for stablecoin pairs, for example: https://gov.bancor.network/t/custom-taker-fee-on-stable-to-stable-trades/4370

  • Carbon has a protocol wide fee of 20 BP (basis points).
  • This fee, while appropriate for volatile pairs - is not in line with the market when it comes to stable to stable trades.
  • For reference, Uniswap added a 1 BP fee option (0.01%) - in November 2021 (link)
  • This proposal seeks to take this one step further and introduce a fee of 0.001% on stable to stable trades. This is 1/10th of a single basis point.

If the pool fee is less than 100 (i.e. fee < 0.01%), then PanopticPool's swap commission cannot be taken.

Tools Used

Manual review

Use Uniswap's DECIMALS (1e6) instead of 10_000 and update all code related to DECIMALS.
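The following is an added example (not Panoptic's code) that models the integer arithmetic of startToken in Python, where // matches Solidity's unsigned division, and contrasts it with the recommended fix of keeping the fee in Uniswap's 1e6 units. ITM_SPREAD_MULTIPLIER and the exact commission formula are assumed placeholders, since neither is quoted on this page.

```python
# Added example: models CollateralTracker.startToken's fee arithmetic to show
# how a Uniswap fee tier below 100 truncates s_ITMSpreadFee (and so the
# swap commission) to zero, and how computing in 1e6 units avoids it.
UNISWAP_FEE_UNIT = 1_000_000   # Uniswap v3 fee units: 1e6 == 100%
DECIMALS = 10_000              # CollateralTracker's DECIMALS (basis points)
# Assumed placeholder: the real ITM_SPREAD_MULTIPLIER is not quoted on the page.
ITM_SPREAD_MULTIPLIER = 20_480  # i.e. 2.048x in DECIMALS units


def itm_spread_fee_current(fee: int) -> int:
    """Mirrors the reported code: fee is divided by 100 first (to bps)."""
    pool_fee = fee // 100                                   # 0 whenever fee < 100
    return (ITM_SPREAD_MULTIPLIER * pool_fee) // DECIMALS   # result in bps


def itm_spread_fee_fixed(fee: int) -> int:
    """Recommended direction: keep fee in Uniswap's 1e6 units, never divide it
    down to basis points, and rescale the multiplier to 1e6 as well."""
    multiplier_1e6 = ITM_SPREAD_MULTIPLIER * (UNISWAP_FEE_UNIT // DECIMALS)
    return (multiplier_1e6 * fee) // UNISWAP_FEE_UNIT       # result in 1e6 units


def commission_current(intrinsic_value: int, fee: int) -> int:
    """Assumed shape of the charge: intrinsic value times s_ITMSpreadFee."""
    return intrinsic_value * itm_spread_fee_current(fee) // DECIMALS


def commission_fixed(intrinsic_value: int, fee: int) -> int:
    return intrinsic_value * itm_spread_fee_fixed(fee) // UNISWAP_FEE_UNIT


def compare(fee: int, intrinsic_value: int = 1_000_000) -> dict:
    """Side-by-side result for one fee tier (intrinsic value is constructed)."""
    return {
        "fee": fee,
        "spread_fee_current_bps": itm_spread_fee_current(fee),
        "spread_fee_fixed_1e6": itm_spread_fee_fixed(fee),
        "commission_current": commission_current(intrinsic_value, fee),
        "commission_fixed": commission_fixed(intrinsic_value, fee),
    }


if __name__ == "__main__":
    # Existing Uniswap tiers plus a hypothetical 0.001% tier (fee == 10).
    for tier in (10, 100, 500, 3000, 10_000):
        print(compare(tier))
```

For the hypothetical fee == 10 tier the current arithmetic yields a zero spread fee and a zero commission, while the 1e6-unit version still charges a non-zero amount.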

Assessed type

Uniswap

#0 - c4-judge

2024-04-26T09:51:37Z

Picodes marked the issue as primary issue

#1 - Picodes

2024-04-29T21:44:07Z

This report shows how the current version of the protocol may not support all Uniswap V3 pools, whereas the sponsor's label suggests it was their intention, so Medium severity seems appropriate under "broken functionality".

#2 - c4-judge

2024-04-29T21:44:20Z

Picodes marked the issue as satisfactory

#3 - c4-judge

2024-04-29T21:44:23Z

Picodes marked the issue as selected for report
