Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Memecoin Launcher>Low findings>Fee amount may be rounded to zero
GeneralOverview
Findings
High (2)
Medium (1)
Low (4)Identifiable anonymous tokensFee amount may be rounded to zeroEdit function does not change ERC-20 symbol and nameNative ETH may be sent by mistake in some cases
Informational (1)
DiscussionToken names and symbols may be identicalPrice gap during deploymentIncomplete documentationCentralization riskVariable DEX deploy price creates arbitrage opportunity
Threat ModelWhat are threat models?PondFun.sol
Audit ResultsAssessment Results
Category: Coding Mistakes

Fee amount may be rounded to zero

Low Severity
Low Impact
Medium Likelihood

Description

To swap an _amountIn of ETH or tokens, the user has to pay a swap fee. The fee calculation is done as follows:

fee = (_amountIn * $.config.tradeFeeBps) / WEI6;

In Solidity, if the amount is less than WEI6 / $.config.tradeFeeBps, the fee is rounded down to zero.

Impact

It may be economical for a user to deploy a contract that repeatedly purchases a small amount of tokens, instead of executing a large purchase all at once, to avoid the trade fee. If they do this, the user will pay more gas, but this gas may be cheaper than the fee, depending on the size of the tradeFeeBps parameter.

Recommendations

The division by WEI6 should round up, instead of down. Alternatively, ensure that tradeFeeBps is always low enough that the gas needed per trade size to exploit this rounding error is more expensive than just paying the fee.

Remediation

This issue has been acknowledged by PondFun, and a fix was implemented in commit 07f6d3ea.

Zellic © 2025Back to top ↑