# Attackathon \_ Fuel Network 33302 - \[Smart Contract - Medium] Exp function does not work correctly Submitted on Wed Jul 17 2024 10:20:43 GMT-0400 (Atlantic Standard Time) by @shadowHunter for [Attackathon | Fuel Network](https://immunefi.com/bounty/fuel-network-attackathon/) Report ID: #33302 Report type: Smart Contract Report severity: Medium Target: Impacts: * Griefing (e.g. no profit motive for an attacker, but damage to the users or the protocol) * Compiler bug ## Description ## Brief/Intro It seems like `exp` function will always return `UFP128::from((1, 0))` no matter what argument is passed. This happens due to mistake in the return variable ```diff -- let res = one; ++ let res = one + _res_minus_1; ``` ## Vulnerability Details 1. Observe the `exp` function ``` impl Exponent for UFP128 { fn exp(exponent: Self) -> Self { let one = UFP128::from((1, 0)); let p2 = one / UFP128::from((2, 0)); let p3 = one / UFP128::from((6, 0)); let p4 = one / UFP128::from((24, 0)); let p5 = one / UFP128::from((120, 0)); let p6 = one / UFP128::from((720, 0)); let p7 = one / UFP128::from((5040, 0)); // common technique to counter losing sugnifucant numbers in usual approximation let _res_minus_1 = exponent + exponent * exponent * (p2 + exponent * (p3 + exponent * (p4 + exponent * (p5 + exponent * (p6 + exponent * p7))))); let res = one; res } } ``` 2. Observe that res is simply returning `one` instead of `one + _res_minus_1` which will be correct exp ## Impact Details Dapp relying on sway library will find itself with incorrect computation of exp. If the resulting was financial calculation then this will cause fund loss to the dapp user ## References ## Proof of concept ## Proof of Concept ``` fn foo() { let mut one = UFP128::from((1, 0)); let two = UFP128::from((2, 0)); res = UFP128::exp(two); assert(res != one); } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://reports.immunefi.com/fuel-network-or-attackathon/attackathon-_-fuel-network-33302-smart-contract-medium-exp-function-does-not-work-correctly.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.