Maia DAO Ecosystem - ubermensch's results

Efficient liquidity renting and management across chains with Curvenized Uniswap V3.

General Information

Platform: Code4rena

Start Date: 30/05/2023

Pot Size: $300,500 USDC

Total HM: 79

Participants: 101

Period: about 1 month

Judge: Trust

Total Solo HM: 36

Id: 242

League: ETH


Researcher Performance

Rank: 93/101

Findings: 1

Award: $23.84

🌟 Selected for report: 0

🚀 Solo Findings: 0

Findings Information

Awards

23.8445 USDC - $23.84

Labels

bug
3 (High Risk)
partial-25
duplicate-758

External Links

Lines of code

https://github.com/code-423n4/2023-05-maia/blob/54a45beb1428d85999da3f721f923cbf36ee3d35/src/ulysses-omnichain/BranchBridgeAgent.sol#L1340-L1342

Vulnerability details

Impact

The _normalizeDecimals function, in its current implementation, could lead to incorrect balance calculations and token transfers, affecting any mechanism in the system that relies on it.

Proof of Concept

The _normalizeDecimals function's formula should be _amount * (1 ether) / (10 ** _decimals) to correctly normalize to 18 decimals. But the current implementation uses _amount * (10 ** _decimals) / 1 ether, which results in incorrect conversions.

Additionally, tokens with decimals greater than 18 aren't correctly handled.

Tools Used

Manual Review

The _normalizeDecimals function should be revised to correctly normalize amounts to 18 decimals. Here's a proposed implementation:

function _normalizeDecimals(uint256 _amount, uint8 _decimals) internal pure returns (uint256) {
    return _decimals == 18 ? _amount : _amount * (10 ** (18 - _decimals));
}

This new implementation ensures that the correct normalization is applied and it only accepts tokens with decimals less than or equal to 18.

Assessed type

Decimal
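
The three formulas quoted in the finding above, compared side by side in an added example that is not part of the submission or of the project's code. It is a Python model that assumes Solidity 0.8 checked uint256 arithmetic; the function names and the sample token decimals are constructed for illustration.

```python
# Added example: Python model of the formulas quoted in the finding.
# Assumption: Solidity 0.8 semantics, where overflow/underflow reverts.
UINT256_MAX = 2**256 - 1
ETHER = 10**18


class Revert(Exception):
    """Stands in for a Solidity arithmetic panic."""


def _checked(value):
    # Any intermediate result outside the uint256 range reverts.
    if not 0 <= value <= UINT256_MAX:
        raise Revert("arithmetic overflow/underflow")
    return value


def normalize_current(amount, decimals):
    # Formula the finding quotes as the current implementation.
    return _checked(amount * _checked(10**decimals)) // ETHER


def normalize_formula(amount, decimals):
    # Formula the finding states should be used.
    return _checked(amount * ETHER) // _checked(10**decimals)


def normalize_proposed(amount, decimals):
    # The finding's proposed implementation: 18 - decimals underflows
    # (and therefore reverts) when decimals > 18.
    if decimals == 18:
        return amount
    return _checked(amount * _checked(10 ** _checked(18 - decimals)))


def compare(whole_tokens, decimals):
    """Normalize `whole_tokens` of a token with `decimals` under each formula."""
    amount = whole_tokens * 10**decimals  # raw on-chain units
    variants = (("current", normalize_current),
                ("formula", normalize_formula),
                ("proposed", normalize_proposed))
    row = {}
    for name, fn in variants:
        try:
            row[name] = fn(amount, decimals)
        except Revert:
            row[name] = "revert"
    return row
```

Calling `compare(1, d)` for constructed decimals 6, 8, 18 and 24 shows where the quoted current formula truncates to zero and where the proposed implementation reverts.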

#0 - c4-judge

2023-07-09T15:20:55Z

trust1995 marked the issue as duplicate of #758

#1 - c4-judge

2023-07-09T15:20:59Z

trust1995 marked the issue as satisfactory

#2 - trust1995

2023-07-28T11:17:54Z

Partial credit for detecting 1/3 of the primary's issues.

#3 - c4-judge

2023-07-28T11:17:59Z

trust1995 marked the issue as partial-25
