Lines of code
<https://github.com/code-423n4/2023-08-shell/blob/c61cf0e01bada04c3d6055acb81f61955ed600aa/src/proteus/EvolvingProteus.sol#L312>
Users can incure losses do to lack of slippage control.
Detailed description of the impact of this finding.
Slippage control helps to safeguard user funds against price falling below a certain threshold. This can be caused byfrontrunning attack.
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
Take for instance.
1β’ UserA tries to swap his xtoken for ytoken
2β’ malicious user then on seeing this runs a frontrun attack which increases the volume of xtoken in the pool, lowering itβs price.
3β’ UserA transaction goes through but due to the reduced price of xtoken, it swaps for lesser number if ytokens than the user intended thereby leaging to losses for the user.
Manual review
Add slippage parameter to the swap functions
Invalid Validation
The text was updated successfully, but these errors were encountered:
All reactions