Colossal Chiffon Urchin
High
Inclusion of Protocol Fees and Donations in marketFunds. Funds in: fundsPaid Funds distribute: fundsPaid + protocolFee + donation
The marketFunds variable is intended to track the funds invested in the market. However, in the buyVotes function, marketFunds is incremented by fundsPaid, which includes both the funds used to buy votes and the protocol fees and donations. This inconsistency leads to marketFunds inaccurately representing the actual funds invested in the market.
// Determine how many votes can be bought with the funds provided
(
uint256 votesBought,
--> uint256 fundsPaid,
,
uint256 protocolFee,
uint256 donation,
uint256 minVotePrice,
uint256 maxVotePrice
) = _calculateBuy(markets[profileId], isPositive, msg.value);
...
// tally market funds
--> marketFunds[profileId] += fundsPaid; while (fundsAvailable >= votePrice) {
fundsAvailable -= votePrice;
fundsPaid += votePrice;
votesBought++;
market.votes[isPositive ? TRUST : DISTRUST] += 1;
votePrice = _calcVotePrice(market, isPositive);
}
--> fundsPaid += protocolFee + donation;
maxPrice = votePrice;
return (votesBought, fundsPaid, votePrice, protocolFee, donation, minPrice, maxPrice);
}Later marketFunds can be withdraw in withdrawGraduatedMarketFunds which means that donation fees will be withdrawn by market owner as well due to incorrect accounting
No response
No response
No response
donation fees will be lost
No response
For all these function I think it suppose to be like this
// Calculate and refund remaining funds
uint256 refund = msg.value - fundsPaid;
if (refund > 0) _sendEth(refund);
// tally market funds
- marketFunds[profileId] += fundsPaid;
+ marketFunds[profileId] += fundsPaid - protocolFee - donation;