5 matches found
Potential Loss of Funds Due to Zero Slippage Hardcoding in TalosBaseStrategy#deposit
Lines of code Vulnerability details Impact In the deposit function within the TalosBaseStrategy contract, both slippage for two tokens amount0Min and amount1Min are hardcoded to zero. This can have severe implications as users may unintentionally accept a minimum of zero output tokens from a swap...
Not using slippage parameter when interacting with AMMs
Lines of code Vulnerability details Impact The slippage parameters are hardcoded to 0, meaning the minimum amount can be 0. The absence of slippage protection causes transactions to be vulnerable to front running. This can result in users potentially losing their funds. Proof of Concept...
Hardcoded slippage can lead to user's transactions being front run
Lines of code Vulnerability details Vulnerability details Impact Since all the main function that the user execute implement slippage, attackers can front run any user transaction since the slippage amount is set to 1% on all the lines of code listed above. This can lead to sandwich attacks. Proo...
no slippage check
Lines of code Vulnerability details in the function swapAndAddLiquidity it makes a call swapExactTokensForTokens with slippage hard coded to 1 this could lead to the user receiving much less tokens than expected due to being frontrun / sandwiched which will result in a loss of funds recommend...
TransmuterBuffer's _alchemistWithdraw use hard coded slippage that can lead to user losses
Lines of code Vulnerability details exchange - exchange - alchemistWithdraw is user funds utilizing call sequence and the slippage hard coded to 1% there can cause a range of issues. For example, if there is not enough shares, the number of shares to withdraw will be unconditionally reduced to th...