This repository has been archived by the owner on Dec 22, 2024. It is now read-only.
PNS - Loss Calculation Bug in Request Execution #175
Labels
Duplicate
A valid issue that is a duplicate of an issue with `Has Duplicates` label
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Disputed
The sponsor disputed this issue's validity
Won't Fix
The sponsor confirmed this issue will not be fixed
Comments
sherlock-admin3
added
Won't Fix
github-actions
bot
added
Medium
sherlock-admin3
added
Sponsor Disputed
sherlock-admin2
changed the title
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
PNS
Medium
Loss Calculation Bug in Request Execution
Summary
The protocol incorrectly calculates the loss incurred during the execution of a request. As a result, the protocol will not be able to accurately track its losses.
Vulnerability Detail
he
GasProcess:processExecutionFee()function is used to calculate and verify how much the user has paid for executing a request. If the paid amount is less than the actual gas cost, the protocol records a loss. However, due to the incorrect order of operations, the loss is always zeroed out.The current logic sets
executionFeetocache.userExecutionFeebefore calculatinglossFee, which results inlossFeealways being zero.Impact
The protocol will not correctly record the loss, leading to inaccurate financial tracking and potential mismanagement of funds.
Code Snippet
Tool used
Manual Review
Recommendation
hange the order of operations to correctly calculate the loss before updating the
executionFee.if (executionFee > cache.userExecutionFee) { + lossFee = executionFee - cache.userExecutionFee; executionFee = cache.userExecutionFee; - lossFee = executionFee - cache.userExecutionFee; } else {This adjustment ensures that
lossFeeis calculated based on the originalexecutionFeebefore it is modified to matchcache.userExecutionFee.Duplicate of #108
The text was updated successfully, but these errors were encountered: