Governance fee can be set to zero

[hats-bug-reporter]

Github username: --
Twitter username: 97Sabit
Submission hash (on-chain): 0x3d7281573f7522cc131a8e44606498a2f7738e86c5a0d81018b020878d40b42e
Severity: low

Description:
Description
There is no protection against setting governance fee and vault fee to zero.

There are two functions involved in setting governance fee - _setGovernanceFee and setGovernanceFee.

In both functions, there is no check against setting governance fee to 0.

In the localSwap function, _collectGovernanceFee function was called. If govnerance fee is set to zero, no governance fee will be received by the factory owner when a swap is done.

This is because of this check in _collectGovernanceFee:
if (governanceFeeShare != 0)

Also, there is no check against setting the _vaultFee to zero.

Though these functions have a specified caller, the fees can still be set to zero.

1. Proof of Concept (PoC) File

https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultCommon.sol#L366

https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultCommon.sol#L354

https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultAmplified.sol#L829

https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultCommon.sol#L347

https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultCommon.sol#L371

[reednaa]

The check is a gas optimisation: If the governance fee is 0 => don't worry about associated logic.

Governance fee is default 0.