CODE423N4:2023-08-GOODENTRY-FINDINGS-ISSUES-525 (code423n4, Code4rena)
Aug 07, 2023 - 12:00 a.m.

Calculation Errors in calculateAndSendFee Function of OptionsPositionManager Contract

Source: Code4rena (github.com)
Tags: optionspositionmanager, calculation errors, fee calculation, financial risk, mitigation, review, scaling factor, division

Lines of code

Vulnerability details

Bug Description

In the OptionsPositionManager contract, specifically in the calculateAndSendFee function (lines 365 to 367), there are several mathematical errors that impact the accuracy of the feeAmount result. These errors can lead to incorrect fee calculations and potentially affect the intended behavior of the contract.

The first issue is related to the calculation of feeValueE8, where the comment indicates that the result should be in "e8" (10^(-8)), but the actual calculation results in a value with "e" in the range of 1 to 18, which is not necessarily 8.

The second issue is the presence of a /100 operation in the formula for calculating feeAmount. This division by 100 is not justified and can lead to a distorted result.

These errors combined can cause an incorrect feeAmount to be calculated and subsequently transferred to the treasury, potentially leading to unintended financial consequences.

Mitigation

To address these issues, the calculation of feeValueE8 should be reviewed to ensure that the correct scaling factor is applied. Additionally, the /100 division operation in the calculation of feeAmount should be removed.
One possible solution to these problems:

uint feeValueE8 = (token0Amount * oracle.getAssetPrice(token0) +
                   token1Amount * oracle.getAssetPrice(token1)) * 1e8 /
                  (10**ERC20(token0).decimals() + 10**ERC20(token1).decimals());

feeAmount = (feeValueE8 * 10**ERC20(collateralAsset).decimals()) / oracle.getAssetPrice(collateralAsset);
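
A scale check for the expressions above, added here as an example (it is not code from the finding or from the GoodEntry project). It compares a candidate integer formula against an exact rational reference, assuming oracle prices carry 8 decimals; `per_token_value_e8` is a hypothetical alternative that divides each leg by its own token's decimals, and the sample amounts are constructed.

```python
from fractions import Fraction

PRICE_DECIMALS = 8  # assumption: oracle.getAssetPrice returns USD prices scaled by 1e8

def reference_value_e8(legs):
    """Exact USD value scaled by 1e8. legs: (raw_amount, token_decimals, price_e8)."""
    usd = sum(Fraction(amt, 10**dec) * Fraction(price, 10**PRICE_DECIMALS)
              for amt, dec, price in legs)
    return usd * 10**8

def per_token_value_e8(legs):
    """Candidate A (hypothetical): normalise each leg by its own decimals."""
    return sum(amt * price // 10**dec for amt, dec, price in legs)

def combined_denominator_value_e8(legs):
    """Candidate B: the expression from the Mitigation text, in integer math."""
    (a0, d0, p0), (a1, d1, p1) = legs
    return (a0 * p0 + a1 * p1) * 10**8 // (10**d0 + 10**d1)

def scale_ratio(candidate, legs):
    """candidate / reference; 1 means the result really is USD * 1e8."""
    return Fraction(candidate(legs)) / reference_value_e8(legs)

def fee_amount(value_e8, collateral_decimals, collateral_price_e8):
    """Convert an e8 USD value into collateral token units (no /100)."""
    return value_e8 * 10**collateral_decimals // collateral_price_e8

# Constructed sample: 1 token0 (18 decimals, $2000) + 2000 token1 (6 decimals, $1).
SAMPLE = [(10**18, 18, 2000 * 10**8), (2000 * 10**6, 6, 1 * 10**8)]
# Constructed sample with equal decimals on both legs.
SAME_DEC = [(10**18, 18, 2000 * 10**8), (2000 * 10**18, 18, 1 * 10**8)]

if __name__ == "__main__":
    candidates = [("per-token", per_token_value_e8),
                  ("combined denominator", combined_denominator_value_e8)]
    samples = [("18/6 decimals", SAMPLE), ("18/18 decimals", SAME_DEC)]
    for name, fn in candidates:
        for label, legs in samples:
            ratio = float(scale_ratio(fn, legs))
            print(f"{name:22s} {label:15s} ratio = {ratio:.3e}")
```

A ratio of 1 means the candidate returns the USD value times 1e8; any other ratio is the factor by which the fee sent to the treasury would be off under the stated price-scale assumption.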

Assessed type

Math
