Judge has assessed an item in Issue #41 as Medium risk. The relevant finding follows:
L02: Lack of upper bound for feeRate
Line References
<https://github.com/code-423n4/2022-05-cally/blob/1849f9ee12434038aa80753266ce6a2f2b082c59/contracts/src/Cally.sol#L120>
Description
Fees can be set above 1e18, preventing options from being exercised.
Recommended Mitigation Steps
Consider having a hard cap of x% < 100%.
// Eg. cap protocol fee to max 5%
require(feeRate_ < 5e16, βfeeRate limit exceededβ);
The text was updated successfully, but these errors were encountered:
All reactions