Description

The protocol fails to account for precision loss inherent in integer division. Without a minimum fee enforcement, calculations for small input amounts resolve to zero. This creates a loophole where users can split their capital into dust amounts to avoid paying any fees during mint or redemption processes.

Impact

This oversight compromises the protocol's revenue stream, as fees can be systematically bypassed. Furthermore, it opens the door to DoS vectors where the network is congested with zero-fee dust transactions, disregarding the protocol's intended financial design.

Recommendations

We recommend to add fallback logic to enforce a minimum fee or minimum transaction size in minting or redemption.

Remediation

This issue has been acknowledged by Coinshift, and a fix was implemented in commit d14d8915↗.