Omniscia Evergon Labs Audit
PropWrappedAssetsFeeCollectorFacetStorage Manual Review Findings
PWF-01M: Inexistent Validation of Fee Proportion
| Type | Severity | Location |
|---|---|---|
| Logical Fault | ![]() | PropWrappedAssetsFeeCollectorFacetStorage.sol:L102 |
Description:
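The fee proportion is not validated to be at most `BASE_100_PERCENT`. A larger value can make the computed fee exceed the wrapped value, so the subtraction `values[i] -= assetsInput.values[i]` results in an underflow failure.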
Impact:
A misconfigured fee proportion will cause the acquisition of fees on wrapped assets to fail.
Example:
packages/contracts/contracts/privateFacets/preFractionsFacets/PropWrappedAssetsFeeCollectorFacetStorage.sol
```solidity
function acquireWrappedAssetsFees(
    Layout storage l,
    uint256 wrapperNftId,
    IWrapper.WrappedObjectType[] memory wtypes,
    address[] memory tokens,
    uint256[] memory ids,
    uint256[] memory values
) internal returns (uint256[] memory, uint256[] memory) {
    if (!l.isInitialized) revert MissingInitialization();
    // No need to check equality of arrays length, if they are not equal then wrapper will revert anyways

    IWrapper.BeneficiaryPartiallyUnwrapAssetsInput memory assetsInput;

    if (l.feeProportion > 0) {
        uint256 length = wtypes.length;
        uint256 divider = GeneralStorage.BASE_100_PERCENT;

        assetsInput.nftId = wrapperNftId;
        assetsInput.tokens = tokens;
        assetsInput.ids = ids;
        assetsInput.values = new uint256[](length);
        assetsInput.beneficiary = l.feeCollector;

        for (uint256 i; i < length; ) {
            if (wtypes[i] == IWrapper.WrappedObjectType.ERC721) revert UnsupportedTypeForOperation();

            assetsInput.values[i] = (values[i] * l.feeProportion) / divider;

            values[i] -= assetsInput.values[i];
            unchecked {
                i += 1;
            }
        }

        // The function percentageBeneficiaryPartiallyUnwrapAssets is not used, because in case of rounding errors
        // some funds will not be stored in the preFractionFacets.
        IWrapper(GeneralStorage.layout().wrapper).beneficiaryPartiallyUnwrapAssets(assetsInput);
    }

    // Return the values left wrapped after fee provision and the fee values provided (unwrapped ones)
    return (values, assetsInput.values);
}
```

Recommendation:
We advise the code to ensure that the maximum feeProportion imposed is BASE_100_PERCENT, preventing such misbehaviours from arising.
Alleviation (d682057ecb0e254069773d64f32c068cedb71e2a):
The feeProportion is now validated as advised, yielding a WrongInitializationData error if it has been configured to a value greater than BASE_100_PERCENT.
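The following sketch is an added example, not code from the audited repository or from the audit team. It isolates the fee arithmetic from `acquireWrappedAssetsFees` next to an unvalidated and a validated setter. The contract name, the function names and the value `10_000` for `BASE_100_PERCENT` are assumptions made for illustration; only the `WrongInitializationData` error name comes from the alleviation note.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration of PWF-01M; hypothetical contract, not the project's facet.
contract FeeProportionDemo {
    // Assumption: the page does not state the real value of BASE_100_PERCENT.
    uint256 public constant BASE_100_PERCENT = 10_000;

    // Name taken from the alleviation note; declared here without parameters.
    error WrongInitializationData();

    uint256 public feeProportion;

    /// Before the fix: any proportion is stored, including values above 100%.
    function setFeeProportionUnvalidated(uint256 proportion) external {
        feeProportion = proportion;
    }

    /// After the fix: a misconfiguration is rejected when it is set,
    /// instead of surfacing later as a failed fee acquisition.
    function setFeeProportion(uint256 proportion) external {
        if (proportion > BASE_100_PERCENT) revert WrongInitializationData();
        feeProportion = proportion;
    }

    /// Same arithmetic as one iteration of the loop in acquireWrappedAssetsFees.
    function split(uint256 value) external view returns (uint256 remaining, uint256 fee) {
        fee = (value * feeProportion) / BASE_100_PERCENT;
        // Checked subtraction (Solidity >= 0.8): reverts with Panic(0x11) when fee > value.
        // With feeProportion = 10_001: split(10_000) reverts (fee = 10_001),
        // while split(1) still succeeds (fee rounds down to 1), so the
        // failure depends on the amounts and may not show up in small tests.
        remaining = value - fee;
    }
}
```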
