- detector id: `round`
- severity: medium
Detects rounding used in arithmetic operations. Rounding without a specified direction may be exploited in DeFi. Refer to "How to Become a Millionaire, 0.000001 BTC at a Time" (neodyme.io) for more details.
Note: Rustle will not report rounding functions implemented by developers for specific purposes.
```rust
let fee = (amount * fee_rate).round();
```
In this sample, contract developers should not use `round` to calculate the fee. Instead, they should use `ceil` or `floor` to specify the rounding direction.
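The following is an added example, not code from Rustle or from any audited contract, comparing the flagged pattern with explicit-direction integer arithmetic. The function names, the 30 basis point rate and the sample amounts are assumptions constructed for illustration.

```rust
// Added illustration: all names and values here are constructed.
const BPS_DENOMINATOR: u128 = 10_000;

/// The pattern the `round` detector flags: whether the fee is rounded up
/// or down depends on the fractional part of the product.
fn fee_round(amount: u128, fee_rate: f64) -> u128 {
    (amount as f64 * fee_rate).round() as u128
}

/// Explicit floor: the fee is never more than the exact amount owed.
fn fee_floor(amount: u128, fee_bps: u128) -> u128 {
    amount.checked_mul(fee_bps).expect("overflow") / BPS_DENOMINATOR
}

/// Explicit ceil: the fee is never less than the exact amount owed.
fn fee_ceil(amount: u128, fee_bps: u128) -> u128 {
    let product = amount.checked_mul(fee_bps).expect("overflow");
    (product + BPS_DENOMINATOR - 1) / BPS_DENOMINATOR
}

/// True when `fee` is below the exact fee `amount * fee_bps / 10_000`,
/// compared without division so no precision is lost.
fn undercharges(amount: u128, fee_bps: u128, fee: u128) -> bool {
    fee * BPS_DENOMINATOR < amount * fee_bps
}

fn main() {
    let fee_bps = 30; // 0.30 %, same rate as 0.003 below
    println!("amount  round  floor  ceil  round undercharges?");
    for amount in [100u128, 166, 167, 200, 10_000] {
        let r = fee_round(amount, 0.003);
        println!(
            "{:>6}  {:>5}  {:>5}  {:>4}  {}",
            amount,
            r,
            fee_floor(amount, fee_bps),
            fee_ceil(amount, fee_bps),
            undercharges(amount, fee_bps, r)
        );
    }
}
```

With `round`, amounts 100 and 166 pay no fee while 167 and 200 pay more than the exact fee, so the direction changes with the input; `fee_ceil` and `fee_floor` each keep one direction for every amount.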