From bba01225d7adcdffa86c19d6ce781c0f95a56ea3 Mon Sep 17 00:00:00 2001 From: Sonic Mast Date: Wed, 17 Jun 2026 05:24:01 -0700 Subject: [PATCH 1/2] fix(stableswap): correct inverted admin/non-admin fee branch in swap-x-for-y and swap-y-for-x MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Addresses finding F-01 from Sonic Mast audit (2026-06-07): All 6 fee conditionals in swap-x-for-y (lines 332-344) and swap-y-for-x (lines 454-466) had their branches inverted — admins paid configured fees while non-admins received admin-swap-fees (0 bps). Fix: swap true/false branches so: - Admin (is-some returns true) -> admin-swap-fees (0 bps as intended) - Non-admin (is-some returns false) -> buy-fees/sell-fees (configured rates) Audit: https://gist.github.com/sonic-mast/c3a352aa6b9b46dd42e36f163d9d9b2d --- contracts/stableswap-stackingDAO.clar | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/contracts/stableswap-stackingDAO.clar b/contracts/stableswap-stackingDAO.clar index 2897f6b..2ec9432 100644 --- a/contracts/stableswap-stackingDAO.clar +++ b/contracts/stableswap-stackingDAO.clar @@ -331,16 +331,16 @@ (y-decimals (get y-decimals pair-data)) ;; Admins pay no fees on swaps (swap-fee-lps (if (is-some (index-of (var-get admins) tx-sender )) - (get lps (var-get buy-fees)) (get lps (var-get admin-swap-fees)) + (get lps (var-get buy-fees)) )) (swap-fee-stacking-dao (if (is-some (index-of (var-get admins) tx-sender )) - (get stacking-dao (var-get buy-fees)) (get stacking-dao (var-get admin-swap-fees)) + (get stacking-dao (var-get buy-fees)) )) (swap-fee-bitflow (if (is-some (index-of (var-get admins) tx-sender )) - (get bitflow (var-get buy-fees)) (get bitflow (var-get admin-swap-fees)) + (get bitflow (var-get buy-fees)) )) (total-swap-fee (+ swap-fee-lps swap-fee-stacking-dao swap-fee-bitflow)) 
@@ -453,16 +453,16 @@ (y-decimals (get y-decimals pair-data)) ;; Admins pay no fees on swaps (swap-fee-lps (if (is-some (index-of (var-get admins) tx-sender )) - (get lps (var-get sell-fees)) (get lps (var-get admin-swap-fees)) + (get lps (var-get sell-fees)) )) (swap-fee-stacking-dao (if (is-some (index-of (var-get admins) tx-sender )) - (get stacking-dao (var-get sell-fees)) (get stacking-dao (var-get admin-swap-fees)) + (get stacking-dao (var-get sell-fees)) )) (swap-fee-bitflow (if (is-some (index-of (var-get admins) tx-sender )) - (get bitflow (var-get sell-fees)) (get bitflow (var-get admin-swap-fees)) + (get bitflow (var-get sell-fees)) )) (total-swap-fee (+ swap-fee-lps swap-fee-stacking-dao)) From c81e1fe19d8a0c5e895b8a68979dc8a80b30ac73 Mon Sep 17 00:00:00 2001 From: Sonic Mast Date: Wed, 17 Jun 2026 05:29:52 -0700 Subject: [PATCH 2/2] fix(stableswap): correct inverted admin/non-admin fee branch in swap-x-for-y and swap-y-for-x Addresses finding F-01 from Sonic Mast audit (2026-06-07): All 6 fee conditionals in swap-x-for-y (lines 332-344) and swap-y-for-x (lines 454-466) had their branches inverted -- admins paid configured fees while non-admins received admin-swap-fees (0 bps). Fix: swap true/false branches so: - Admin (is-some returns true) -> admin-swap-fees (0 bps as intended) - Non-admin (is-some returns false) -> buy-fees/sell-fees (configured rates) Audit gist: https://gist.github.com/sonic-mast/c3a352aa6b9b46dd42e36f163d9d9b2d Finding: F-01 (High severity)
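Review bot: In the swap-x-for-y hunk (@@ -331,16), the admin test (is-some (index-of (var-get admins) tx-sender)) is still written out separately in each of the three fee bindings, so the branch order has to be kept right by hand in three places, which is the pattern that allowed all of them to be inverted together. Consider binding the result of that test once in the same binding list and using it for swap-fee-lps, swap-fee-stacking-dao and swap-fee-bitflow, so the ordering can only be wrong in one place. The diffstat lists only contracts/stableswap-stackingDAO.clar, so a regression test asserting that an admin caller gets admin-swap-fees and a non-admin gets buy-fees would be worth adding alongside this fix.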
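Review bot: In the swap-y-for-x hunk (@@ -453,16), the trailing context line (total-swap-fee (+ swap-fee-lps swap-fee-stacking-dao)) leaves out swap-fee-bitflow, while the matching line in the swap-x-for-y hunk sums all three components. With the corrected branches, non-admins now get the sell-fees bitflow rate in swap-fee-bitflow, so please confirm whether that component is meant to be excluded from the total on this path; if it is not, add it to the sum here or in a follow-up, and if it is, a comment on that line saying so would help.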