Handle zero or undefined adaPerUsd in calculation

[aniket866]

fix this :Division by Zero Vulnerability

Location: djed-sdk/src/helpers.js in calculateBcUsdEquivalent

Issue: const eqPrice = (1e6 * amountFloat) / adaPerUsd;.

Impact: If adaPerUsd (fetched from oracle/contract) is 0 (e.g., during system pause or Oracle failure), this throws Infinity, causing UI crashes.

Fix: Add a check: if (!adaPerUsd || adaPerUsd === 0) return "0";.

@Zahnentferner

Summary by CodeRabbit

• Bug Fixes
  • Fixed calculation errors by properly handling invalid or zero exchange rate values, preventing computation failures and ensuring data integrity in financial operations.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

The change adds validation to the calculateBcUsdEquivalent helper function by inserting an early return that outputs "0" when the exchange rate (adaPerUsd) is invalid or zero, preventing division by zero errors.

Changes

Cohort / File(s)	Summary
Guard clause for exchange rate validation djed-sdk/src/helpers.js	Added early return in calculateBcUsdEquivalent to handle falsy or zero exchange rates, outputting "0" and preventing NaN results from subsequent division operations

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A zero exchange makes calculations weep,
So we guard the gate before the math runs deep,
With an early return, we prevent the NaN,
One simple check, a defensive plan!

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding a guard to handle zero or undefined adaPerUsd values in the calculateBcUsdEquivalent function to prevent division-by-zero errors.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

Warning

Review ran into problems

🔥 Problems

Git: Failed to clone repository. Please run the @coderabbitai full review command to re-trigger a full review. If the issue persists, set path_filters to include or exclude specific files.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

djed-sdk/src/helpers.js (1)

116-123: Same division-by-zero vulnerability exists here.

calculateRcUsdEquivalent has the same unguarded division by adaPerUsd on line 121. Additionally, adaPerRc could also be invalid. Apply consistent defensive checks to this function as well.

🐛 Proposed fix

 export function calculateRcUsdEquivalent(coinsDetails, amountFloat) {
   const adaPerRc = parseFloat(coinsDetails?.scaledSellPriceRc);
   const adaPerUsd = parseFloat(
     coinsDetails?.scaledScExchangeRate.replaceAll(",", "")
   );
+  if (!adaPerUsd || adaPerUsd <= 0 || !adaPerRc) return "0";
   const eqPrice = (1e6 * amountFloat * adaPerRc) / adaPerUsd;
   return decimalScaling(eqPrice.toFixed(0).toString(10), 6);
 }

🧹 Nitpick comments (2)

djed-sdk/src/helpers.js (2)

107-107: Good fix for division-by-zero; minor redundancy in condition.

The guard correctly prevents division by zero and handles NaN from invalid inputs. However, adaPerUsd === 0 is redundant since !adaPerUsd already evaluates to true when adaPerUsd is 0 (falsy in JavaScript).

Consider also guarding against negative exchange rates, which would be invalid:

♻️ Suggested simplification

-  if (!adaPerUsd || adaPerUsd === 0) return "0";
+  if (!adaPerUsd || adaPerUsd <= 0) return "0";

---

128-132: Consider guarding against invalid adaPerSc for consistency.

While there's no division-by-zero risk here, if adaPerSc is NaN, the result will propagate NaN through the calculation, potentially causing "NaN" to appear in the UI. For consistency with the other functions, consider adding a guard.

♻️ Optional defensive check

 export function getScAdaEquivalent(coinsDetails, amountFloat) {
   const adaPerSc = parseFloat(coinsDetails?.scaledPriceSc.replaceAll(",", ""));
+  if (!adaPerSc || adaPerSc <= 0) return "0";
   const eqPrice = 1e6 * amountFloat * adaPerSc;
   return decimalScaling(eqPrice.toFixed(0).toString(10), 6);
 }