Upgraded Q -> M from #70 [1668468349340] #517

c4-judge · 2022-11-14T23:25:49Z

Judge has assessed an item in Issue #70 as M risk. The relevant finding follows:

Flash loan fee can be set to 100%
Contract:
https://github.com/code-423n4/2022-10-traderjoe/blob/main/src/LBFactory.sol#L474

Issue:
In setFlashLoanFee function, If Admin has set flashloan fee to 100% then user taking X amount as flashloan has to pay a fee equal to X which does not make sense

function setFlashLoanFee(uint256 _flashLoanFee) external override onlyOwner {
uint256 _oldFlashLoanFee = flashLoanFee;

    if (_oldFlashLoanFee == _flashLoanFee) revert LBFactory__SameFlashLoanFee(_flashLoanFee);

    flashLoanFee = _flashLoanFee;
    emit FlashLoanFeeSet(_oldFlashLoanFee, _flashLoanFee);
}

Recommendation:
Implement a upper bound on flashloan fee

The text was updated successfully, but these errors were encountered:

c4-judge · 2022-11-14T23:26:21Z

GalloDaSballo marked the issue as duplicate of #139

Simon-Busch · 2022-12-05T06:30:50Z

Marked this issue as Satisfactory as requested by @GalloDaSballo

c4-judge added the 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value label Nov 14, 2022

c4-judge closed this as completed Nov 14, 2022

c4-judge added the duplicate-139 label Nov 14, 2022

Simon-Busch added the satisfactory satisfies C4 submission criteria; eligible for awards label Dec 5, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgraded Q -> M from #70 [1668468349340] #517

Upgraded Q -> M from #70 [1668468349340] #517

c4-judge commented Nov 14, 2022

c4-judge commented Nov 14, 2022

Simon-Busch commented Dec 5, 2022

Upgraded Q -> M from #70 [1668468349340] #517

Upgraded Q -> M from #70 [1668468349340] #517

Comments

c4-judge commented Nov 14, 2022

c4-judge commented Nov 14, 2022

Simon-Busch commented Dec 5, 2022