F-2026-0017·uncollected-fee

_handleMint fee is computed but never collected

Fixedbridgecross-chainkey-registrygithub.com/pdxwebdev/yadakeyeventwallet
TL;DR

_handleMint subtracts tokenFee from the minted amount but never transfers the fee to feeCollector, so the fee is silently discarded on every mint operation.

Severity
LOW
Impact
LOW
Likelihood
HIGH
Method
MManual review
CAT.
Complexity
LOW
Exploitability
LOW
02Section · Description

Description

_handleMint calculates a tokenFee and subtracts it from the minted amount, but never transfers the fee to feeCollector or anyone else.

03Section · Recommendation

Recommendation

Mint the fee to feeCollector:

solidity
function _handleMint(...) internal {
    ...
    uint256 tokenFee =
        (recipient.amount * mctx.feeInfo.fee) / maxFeeRate;
    uint256 netAmount = recipient.amount - tokenFee;


    IMockERC20(permit.token).mint(recipient.recipientAddress, netAmount);
    if (tokenFee > 0)
        IMockERC20(permit.token).mint(feeCollector, tokenFee);
}
04Section · Resolution

Resolution

YadaCoin, Confirmed.

Zealynx, Fixed.

Status
Fixed
ZEALYNX SECURITY · published 2026-03-05
F-2026-0017