35 matches found
Depository.sol#L291 : Lack of slippage protection when deposit tokens in exchange for a bond from a specified product
Lines of code Vulnerability details Impact Lack of slippage protection for an user from minting the OLAs for the given token amount. When the price fluctuation is high, user would suffer with huge loss. Proof of Concept Depository contract would be used to create a product and for a particular...
lack of slippage protection for increaseLiquidity, and decreaseLiquidity
Lines of code Vulnerability details Impact Lack of slippage protection for increasing and decreasing liquidity can cause the liquidity provider to provide liquidity at an unfavorable price. Or the borrower to borrow/repay in a manipulated pool. Proof of Concept When adding liquidity eventually...
Slippage protection missing
Lines of code Vulnerability details The MaxHeap contract does not check for slippage when updating item values. This could enable the admin to manipulate asset prices. Recommendation: Implement slippage protection by adding min/max checks in updateValue: function updateValueuint256 itemId, uint25...
increaseLiquidity/decreaseLiquidity Lack of slippage protection
Lines of code Vulnerability details Vulnerability details In ParticlePositionManager.mint, there is slippage protection by params.amount0Min / params.amount1Min But in increaseLiquidity, pool.mint will also be executed There is no slippage protection function increaseLiquidity uint256 tokenId,...
liquidator will always take what is left of borrowers premium
Lines of code Vulnerability details Impact A liquidator can manipulate the pool they are swapping in to take any potential left over premium from the borrower. Proof of Concept When liquidating a position the liquidator essentially closes the position on behalf of the borrower for a liquidation...
CurveTricryptAdapter::primitiveOutputAmount & Curve2PoolAdapter::primitiveOutputAmount can swap without slippage tolerance
Lines of code Vulnerability details Impact While there is a “Slippage protection” implementation in the contract if uint256minimumOutputAmount outputAmount revert SLIPPAGELIMITEXCEEDED; There is no validation that minimumOutputAmount is not set to 0. This can result in lost of funds. Although Oce...
Lack of Slippage Protection in CurveTricryptoAdapter::primitiveOutputAmount and Curve2PoolAdapter::primitiveOutputAmount
Lines of code Vulnerability details Impact Due to the lack of slippage protection in the CurveTricryptoAdapter::primitiveOutputAmountand Curve2PoolAdapter::primitiveOutputAmount, user deposits and withdrawals are vulnerable to being sandwich attacked. Proof of Concept...
Slippage Handling
Lines of code Vulnerability details Impact The primitiveOutputAmount function reverts the transaction if the output amount is less than the minimumOutputAmount, which is a strict slippage protection. This could lead to failed transactions due to normal price fluctuations in the Curve pool. Proof ...
LACK OF DEADLINE AND SLIPPAGE CHECKS COULD PROMPT THE USERS TO EXECUTE THE BUY AND SELL TRANSACTIONS AT UNFAVOURABLE PRICE POINTS
Lines of code Vulnerability details Impact The Market.sol contract implements four functions which depend on the linear bonding curve to calculate the price and fee amounts associated with their logic execution. These functions are Market.buy, Market.sell, Market.mintNFT and Market.burnNFT. The...
Lack of slippage protection for depositRewards() in AfEth.sol makes it susceptible to sandwich attacks
Lines of code Vulnerability details Bug Description In VotiumStrategyCore.sol, the buyCvx function calls exchangeunderlying of Curve's ETH / CVX pool to buy CVX: VotiumStrategyCore.solL233-L240 ICrvEthPoolCVXETHCRVPOOLADDRESS.exchangeunderlying value: ethAmountIn 0, 1, ethAmountIn, 0 // this is...
Functions in the VotiumStrategy contract are susceptible to sandwich attacks
Lines of code Vulnerability details Bug Description In VotiumStrategyCore.sol, the buyCvx and sellCvx functions call exchangeunderlying of Curve's ETH / CVX pool to buy and sell CVX respectively: VotiumStrategyCore.solL233-L240 ICrvEthPoolCVXETHCRVPOOLADDRESS.exchangeunderlying value: ethAmountIn...
VotiumStrategyCore.applyRewards can be sandwhiched
Lines of code Vulnerability details Impact VotiumStrategyCore.applyRewards can be sandwhiched, so users rewards will be lost. Proof of Concept VotiumStrategyCore.applyRewards will be used in order to swap all rewards to eth and then distribute eth to the safEth or vEth. The problem here is that...
Missing Slippage Protection in unwrap function
Lines of code Vulnerability details Summary The unwrap function swaps rUSDY to USDY and calls the oracle during these process to get the current USDY price. There is no slippage protection implemented, which can lead to loss of funds. Vulnerability Details Unexpected changes between the call to t...
Missing slippage protection in _swap()
Lines of code Vulnerability details Impact Without slippage, If the price of the tokens changes significantly during the swap, it could result in a large slippage, causing users to lose a significant amount of funds. An attacker can watch the mempool and then using flash bots execute a sandwich...
TokenisableRange.sol claimFee function allows more slippage than intended due to incorrect calculation
Lines of code Vulnerability details Impact In TokenisableRange.sol, claimFee collects swap fees generated in uniswap and compound these fees by minting to Uniswap pool. During minting collected fees back in uniswap, slippage protection is conducted by comparing addedValue - a value based on added...
Lack of protection when withdrawing Static Atoken
Lines of code Vulnerability details Impact The Aave plugin is associated with an ever-increasing exchange rate. The earlier a user wraps the AToken, the more Static Atoken will be minted and understandably no slippage protection is needed. However, since the rate is not linearly increasing,...
Interactions with Pool do not use valid deadlines for operations
Lines of code Vulnerability details Impact Miner can potentially hold the transaction which results in loss of funds for users. Proof of Concept File: TalosBaseStrategy.sol liquidityDifference, amount0, amount1 = nonfungiblePositionManager.increaseLiquidity...
Vulnerable to MEV exploitation due to lack of slippage protection
Lines of code Vulnerability details Proof of Concept Function to decrease and increase liquidity are passing amount0Min and amount1Min as zero. This will result in MEV bots sandwiching transactions to extract value from it. In the worst case it will actually return zero or a very small value in...
Slippage protection minOut autoSwapThreshold is not effective when swapping the token
Lines of code Vulnerability details Impact In the current model, the minimum output minOut amount for the auto-swap is set to match the autoSwapThreshold, which is fixed at 4 CANTO. This configuration might result in potential market risks due to fluctuations in the value of CANTO, potentially...
Missing slippage protection leads to potential sandwich of small transfers or blocking the swap feature
Lines of code Vulnerability details Impact The swap module is invoked with a default of coinswaptypes.InputCoin: transferredCoin, Address: recipient.String, coinswaptypes.OutputCoin: swapCoins, Address: recipient.String. The swap module makes sure that in tokens of the swap are limitted to...