Upgraded Q -> M from #70 [1668468349340] #517
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
duplicate-139
satisfactory
satisfies C4 submission criteria; eligible for awards
Judge has assessed an item in Issue #70 as M risk. The relevant finding follows:
Flash loan fee can be set to 100%
Contract:
https://github.com/code-423n4/2022-10-traderjoe/blob/main/src/LBFactory.sol#L474
Issue:
In setFlashLoanFee function, If Admin has set flashloan fee to 100% then user taking X amount as flashloan has to pay a fee equal to X which does not make sense
function setFlashLoanFee(uint256 _flashLoanFee) external override onlyOwner {
uint256 _oldFlashLoanFee = flashLoanFee;
Recommendation:
Implement a upper bound on flashloan fee
The text was updated successfully, but these errors were encountered: