You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Dec 31, 2023. It is now read-only.
When swapping decimal-18-token to decimal-8-token , user could buy decimal-18-token with 0 amount of decimal-8-token
Summary
Due to calculation errors, users can purchase a certain quantity of 18-decimal tokens (such as DAI) using 8-decimal tokens with a quantity of 0 (e.g., WBTC on ETH).
Attens1423
changed the title
attens - Whenswap decimal-18-token to decimal-8-token , user could buy decimal-18-token with 0 amount of decimal-8-token
attens - When swapping 18-decimal token to 8-decimal token , user could buy decimal-18-token with 0 amount of decimal-8-token
Jul 17, 2023
Fix looks good. Previously if swapping a lower precision token, the precision loss could be abused to by small amounts of higher DP tokens, though the amount gained would almost always be too small for any abuse profitably. 0 amount from token swaps are now always rounded up to 1.
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
MediumA valid Medium severity issueWill FixThe sponsor confirmed this issue will be fixed
medium
When swapping decimal-18-token to decimal-8-token , user could buy decimal-18-token with 0 amount of decimal-8-token
Summary
Due to calculation errors, users can purchase a certain quantity of 18-decimal tokens (such as DAI) using 8-decimal tokens with a quantity of 0 (e.g., WBTC on ETH).
Vulnerability Detail
Here is the poc:
Impact
It may cause unexpected loss
Tool Used
Manual Review
Recommendation
In buyToken() of D3Trading.sol, add this rule:
The text was updated successfully, but these errors were encountered: