This repository has been archived by the owner on Nov 26, 2023. It is now read-only.
TheNaubit - Rebalancer executes swaps without slippage protection #211
Comments
github-actions
bot
added
High
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
TheNaubit
high
Rebalancer executes swaps without slippage protection
Summary
The rebalancer contract calls
USSD#UniV3SwapInputfunction that executes swaps without slippage protection. That will cause a loss of funds because of sandwich attacks.Vulnerability Detail
The
UniV3SwapInputfunction calls the Uniswap V3 functionExactInputParamsto perform swaps (used to rebalance the protocol) but it is setting the paramamountOutMinimumto 0, meaning there is no slippage protection in this swap.Here is a similar report in the past: sherlock-audit/2023-01-derby-judging#64
Impact
Having set the
amountOutMinimumparam to 0 means there is no slippage protection in the swap. Therefore swaps will be sandwiched causing a loss of funds every time the protocol rebalances.Code Snippet
https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/USSD.sol#L237
Tool used
Manual Review
Recommendation
Slippage parameter should be included in the function call and not be 0.
Duplicate of #673
The text was updated successfully, but these errors were encountered: