You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
999 is not the only case. for example take a look at the cases below:
Trying 1000:
expected fee 7.4875, shown fee: 7.487500000000001 TON
Trying 100000000
expected fee 250004.9875, shown fee: 250004.98750000002 TON
Reason
It's happening due to the nature of storing float numbers. since numbers are stored in their binary representation. Some decimal values cannot be represented accurately in binary format and cause these kinda weird results.
suggestion
To illuminate this and other potential arithmetic flaws avoid calculating with bare Javascript methods and utilize a battle-tested Math Library.
Side-note
The demonstrated difference between displayed and expected value may seem insignificant but a malicious user with repetition may harm the bridge and its users significantly.
Suggested Severity
High
Device
Desktop (please complete the following information):
OS: Windows 11
Browser: chrome
Version: 21H2
Chrome
Additional Context
No response
The text was updated successfully, but these errors were encountered:
Bug Type
Functional
Reproduction steps
1- open the bridge website
2- Input 999 in the input field "Amount of TON"
Actual result
Shown "Bridge Fees" is 7.484999999999999 TON
Expected result
According to Documentation "Bridge fees" is calculated as below:
input_amount= amount of TON which user inputs In the "Amount of TON" field (which is a minimum of 10TON)Bridge Fees= (Fixed 5 TON) + ( 0.25% of (input_amount- 5))Having 999 as input we have:
Bridge Fees= (5) + ( 0.25% * (999 - 5)) = 5 + 2.485 = 7.485 TONOther cases
999 is not the only case. for example take a look at the cases below:
Trying 1000:
expected fee7.4875,shown fee: 7.487500000000001 TONTrying 100000000
expected fee250004.9875,shown fee: 250004.98750000002 TONReason
It's happening due to the nature of storing float numbers. since numbers are stored in their binary representation. Some decimal values cannot be represented accurately in binary format and cause these kinda weird results.
suggestion
To illuminate this and other potential arithmetic flaws avoid calculating with bare Javascript methods and utilize a battle-tested Math Library.
Side-note
The demonstrated difference between displayed and expected value may seem insignificant but a malicious user with repetition may harm the bridge and its users significantly.
Suggested Severity
High
Device
Desktop (please complete the following information):
Chrome
Additional Context
No response
The text was updated successfully, but these errors were encountered: