No Check for '0' feeAmount

[c4-bot-5]

Lines of code

https://github.com/code-423n4/2024-01-decent/blob/011f62059f3a0b1f3577c8ccd1140f0cf3e7bb29/src/UTB.sol#L228

Vulnerability details

Impact

Potential Denial of Service (DoS) Attack with FeeAmount Check

Proof of Concept

https://github.com/code-423n4/2024-01-decent/blob/011f62059f3a0b1f3577c8ccd1140f0cf3e7bb29/src/UTB.sol#L108

https://github.com/code-423n4/2024-01-decent/blob/011f62059f3a0b1f3577c8ccd1140f0cf3e7bb29/src/UTB.sol#L259

In the code at line number 236 in the UTB.sol, there is a modifier that does not checks if the FeeAmount is 0. This condition, if not handled properly, can be exploited to perform a Denial of Service (DoS) attack by causing the affected functionality to be repeatedly called without incurring any fees.

If the FeeAmount is set to 0, the modifier will always fail, preventing the execution of the intended functionality.

Recommended Mitigation Steps

It is recommended to review the logic in the https://github.com/code-423n4/2024-01-decent/blob/011f62059f3a0b1f3577c8ccd1140f0cf3e7bb29/src/UTB.sol#L228 modifier and ensure that a FeeAmount of 0 is handled appropriately to prevent potential DoS attacks.
Add this on Line #233

require(feeCollector.FeeAmount > 0, "FeeAmount must be greater than 0");






## Assessed type

DoS

[c4-pre-sort]

raymondfam marked the issue as sufficient quality report

[c4-pre-sort]

raymondfam marked the issue as duplicate of #15

[c4-pre-sort]

raymondfam marked the issue as not a duplicate

[c4-pre-sort]

raymondfam marked the issue as insufficient quality report

[c4-pre-sort]

raymondfam marked the issue as duplicate of #157

[c4-judge]

alex-ppg marked the issue as unsatisfactory:
Invalid