calculateUsableTick calculation is not done properly . #267
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
insufficient quality report
This report is not of sufficient quality
🤖_52_group
AI based duplicate group recommendation
Lines of code
https://github.com/code-423n4/2024-05-predy/blob/e96f378007e3dc56b184079f0c0e4fe48a72efaa/src/libraries/Reallocation.sol#L109
Vulnerability details
When calculating the calculateUsableTick is should be considered the fractional part and if fractional part is less than 0.5, it rounds to the lower integer; when it’s greater than 0.5 it rounds to the greater integer; and when it’s 0.5, it rounds to the greater integer as well. But this calculateUsableTick calculation its not consider this & round down to the lower integer always.
Proof of Concept
calculateUsableTick
From Uniswap V3 docs
Where Math.round is rounding to the nearest integer: when the fractional part is less than 0.5, it rounds to the lower integer; when it’s greater than 0.5 it rounds to the greater integer; and when it’s 0.5, it rounds to the greater integer as well.
Impact
Incorrect calculation of nearest usable tick
Tools Used
Manual Review
Recommended Mitigation Steps
Use these 2 functions for calculateUsableTick. (As Uniswap V3 docs)
Assessed type
Uniswap
The text was updated successfully, but these errors were encountered: