Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fee_protocol cannot be set, protocol is not able to earn fees. #24

Closed
c4-bot-8 opened this issue Sep 11, 2024 · 1 comment
Closed

fee_protocol cannot be set, protocol is not able to earn fees. #24

c4-bot-8 opened this issue Sep 11, 2024 · 1 comment
Labels
2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working duplicate-8 🤖_primary AI based primary recommendation 🤖_03_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards sufficient quality report This report is of sufficient quality

Comments

@c4-bot-8
Copy link
Contributor

Lines of code

https://github.com/code-423n4/2024-08-superposition/blob/4528c9d2dbe1550d2660dac903a8246076044905/pkg/seawater/src/pool.rs#L31

Vulnerability details

Impact

fee_protocol cannot be set, protocol is not able to earn fees.

Proof of Concept

StoragePool::fee_protocol needs to be set non-zero for protocol to earn trading fees. However, there is no method to set fee_protocol, neither is fee_protocol initialized during pool creation. As a result, fee_protocol will always be zero. And the protocol can never earn or collect trading fees.

In swap(), wee see only when fee_protocol is greater than zero, will protocol fee be accumulated.

//pkg/seawater/src/pool.rs
    pub fn swap(
        &mut self,
        zero_for_one: bool,
        amount: I256,
        mut price_limit: U256,
    ) -> Result<(I256, I256, i32), Revert> {
...
            if fee_protocol > 0 {
                let delta = step_fee_amount.wrapping_div(U256::from(fee_protocol));
                step_fee_amount -= delta;
                state.protocol_fee += u128::try_from(delta).or(Err(Error::FeeTooHigh))?;
            }
...

(https://github.com/code-423n4/2024-08-superposition/blob/4528c9d2dbe1550d2660dac903a8246076044905/pkg/seawater/src/pool.rs#L449-L452)

But here is no method to initialize or modify fee_protocol of a pool. See init() where only the overall trading fees(pool::fee) are initialized, but fee_protocol cannot be set.

    pub fn init(
        &mut self,
        price: U256,
        fee: u32,
        tick_spacing: u8,
        max_liquidity_per_tick: u128,
    ) -> Result<(), Revert> {
        assert_eq_or!(
            self.sqrt_price.get(),
            U256::ZERO,
            Error::PoolAlreadyInitialised
        );

        self.sqrt_price.set(price);
        self.cur_tick
            .set(I32::lib(&tick_math::get_tick_at_sqrt_ratio(price)?));

        self.fee.set(U32::lib(&fee));
        self.tick_spacing.set(U8::lib(&tick_spacing));
        self.max_liquidity_per_tick
            .set(U128::lib(&max_liquidity_per_tick));

        Ok(())
    }

(https://github.com/code-423n4/2024-08-superposition/blob/4528c9d2dbe1550d2660dac903a8246076044905/pkg/seawater/src/pool.rs#L49)

Tools Used

Manual

Recommended Mitigation Steps

Add a method to allow the admin to set a pool’s fee_protocol when needed.

Assessed type

Other
@c4-bot-8 c4-bot-8 added 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working labels Sep 11, 2024
c4-bot-5 added a commit that referenced this issue Sep 11, 2024
@c4-bot-5
oakcobalt issue #24
5433a13
@c4-bot-11 c4-bot-11 added the 🤖_03_group AI based duplicate group recommendation label Sep 13, 2024
@c4-bot-12 c4-bot-12 added the 🤖_primary AI based primary recommendation label Sep 13, 2024
@howlbot-integration howlbot-integration bot added sufficient quality report This report is of sufficient quality duplicate-8 labels Sep 16, 2024
@c4-judge c4-judge added the satisfactory satisfies C4 submission criteria; eligible for awards label Sep 23, 2024
@c4-judge
Copy link
Contributor

alex-ppg marked the issue as satisfactory

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working duplicate-8 🤖_primary AI based primary recommendation 🤖_03_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards sufficient quality report This report is of sufficient quality
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@c4-judge @c4-bot-8 @c4-bot-11 @c4-bot-12