Loud Snowy Marmot
Medium
L0ckin7 Medium
The _protocolFees are deducted from the _pairedOut amount, but the _protocolFees are not reset or properly accounted for in subsequent transactions.
This could lead to incorrect fee calculations, if _pairedOut is less than _amountIn (due to slippage), the fee calculation could result in a larger fee than intended, reducing the amount available for LP conversion.
This could lead to a loss of funds for users or the protocol.
The issue can be fixed by calculating the protocol fee based on the input amount (_amountIn) rather than the output amount (_pairedOut). Additionally, the fee should be deducted from the input amount before processing the swap.
function _tokenToPodLp(address _token, uint256 _amountIn, uint256 _amountLpOutMin, uint256 _deadline)
internal
returns (uint256 _lpAmtOut)
{
// Calculate protocol fee based on input amount
uint256 _protocolFeeAmount = (_amountIn * protocolFee) / 1000;
if (_protocolFeeAmount > 0) {
_protocolFees += _protocolFeeAmount; // Add fee to protocol fees
_amountIn -= _protocolFeeAmount; // Deduct fee from input amount
}
// Process the remaining input amount
uint256 _pairedOut = _tokenToPairedLpToken(_token, _amountIn);
if (_pairedOut > 0) {
_lpAmtOut = _pairedLpTokenToPodLp(_pairedOut, _deadline);
require(_lpAmtOut >= _amountLpOutMin, "M");
}
}This ensures that the fee is consistent and proportional to the user's input.