Patch Review
Incorrect performance fee calculation
We've reviewed the changes introduced in commit , specifically addressing the incorrect performance fee calculation in computeHarvestFee()
which lead to undercharging on gains.
The fix resolves the undercharging issue by changing the perfFeeNum
to multiply by SECONDS_IN_YEAR
rather than timeElapsed
. The updated logic appears sound.
-uint256 perfFeeNum = config.performanceFee * timeElapsed;
+uint256 perfFeeNum = config.performanceFee * SECONDS_IN_YEAR;
We also reviewed:
Upgrade safety: No concerns identified with respect to fee changes.
Integer safety: Confirmed that the calculation remains safe under 256-bit constraints; no risk of overflow.
Access control: The newly introduced
claimMiscellaneousRewards
function includes appropriate access control for sending non-strategy tokens to fee-recipient.
Based on our review, this patch effectively resolves the reported issue and introduces no new security concerns.