The normalized sum of the weight is not always equal to 1

Question

The normalized sum of the weight is not always equal to 1

ggrieco-tob opened this issue 4 years ago · comments

Severity: Informational
Difficulty: Low

Description

It is possible to have a normalized sum of the token weight that is not equal to 1.

The whitepaper states the sum of normalized token weights should be equal to 1. However, inherent rounding issues in the division performed getNormalizedWeight function can accumulate in the sum and result in a values less than 1.

Exploit Scenario

Alice creates a new pool. She reviews the documentation and incorrectly assumes that the sum of normalized weight token will be 1. As a result of that, she incorrectly implement onchain/offchain code to interact with the pool, potentially causing unexpected results (e.g. rounding issues, zero division) in her code.

Recommendation

Short term, properly document this rounding issue and make sure users understand that this property is not strictly enforced.

Long term, consider using Echidna and Manticore to normalized weights are correctly computed.

Mike McDonald · Answer 1 · Wed Feb 05 2020 23:17:00 GMT+0800 (China Standard Time)

Documented at: https://docs.balancer.finance/-LtRAKuhb1ZIm1X-H-IS/smart-contracts/api#getnormalizedweight

Mike McDonald · Answer 2 · Tue Feb 18 2020 23:10:08 GMT+0800 (China Standard Time)

https://docs.balancer.finance/smart-contracts/api#getnormalizedweight