Submission Details
Severity: high
Valid

Slippage protection not provided in sellProfits

Summary

sellProfits performs its swap without any slippage protection.

Vulnerability Details

As part of the vault strategy, all tokens will be swapped into WETH. The swaps for these tokens are currently done with no slippage protection, i.e. the expected output amount for all of them is given as 0.

The swap is called with amountOutMinimum: 0, meaning that the router accepts any output amount, however small.

Instance:

    function sellProfits(address _profits) public {
        require(_profits != WETH, "not allowed");
        uint256 amount = IERC20(_profits).balanceOf(address(this));
        ISwapRouter.ExactInputSingleParams memory params = ISwapRouter
            .ExactInputSingleParams({
                tokenIn: _profits,
                tokenOut: WETH,
                fee: 3000,
                recipient: address(this),
                deadline: block.timestamp,
                amountIn: amount,
                amountOutMinimum: 0, // no lower bound on the WETH received
                sqrtPriceLimitX96: 0
            });
        amount = swapRouter.exactInputSingle(params);
        IERC20(WETH).transfer(staking, IERC20(WETH).balanceOf(address(this)));
    }

As shown, amountOutMinimum is set to 0 here.

Impact

This could result in a significant loss of yield from this reward, as MEV bots could “sandwich” this swap by manipulating the price before this transaction and immediately reversing their action after the transaction, profiting at the expense of our swap.

Tools Used

Manual review

Recommendations

  • Introduce some slippage parameters into the swaps.
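
One way to apply this recommendation, as an added example that is not the audited project's code: the caller supplies a minimum output and a deadline, and the call is restricted to a trusted address, because a public function with a caller-chosen minimum could still be invoked with a value close to zero. The contract name, the constructor, keeper, _minAmountOut and _deadline are assumptions; the router allowance is assumed to be set elsewhere, since the original snippet shows no approval.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ISwapRouter} from "@uniswap/v3-periphery/contracts/interfaces/ISwapRouter.sol";

// Added example, not the audited contract. `keeper`, `_minAmountOut` and
// `_deadline` are hypothetical names introduced for illustration.
contract ProfitSellerHardened {
    address public immutable WETH;
    address public immutable staking;
    address public immutable keeper; // trusted caller that obtains the quote off-chain
    ISwapRouter public immutable swapRouter;

    constructor(address _weth, address _staking, address _keeper, ISwapRouter _router) {
        WETH = _weth;
        staking = _staking;
        keeper = _keeper;
        swapRouter = _router;
    }

    function sellProfits(address _profits, uint256 _minAmountOut, uint256 _deadline)
        external
        returns (uint256 amountOut)
    {
        require(msg.sender == keeper, "not keeper");
        require(_profits != WETH, "not allowed");
        require(_minAmountOut > 0, "min out required");

        uint256 amountIn = IERC20(_profits).balanceOf(address(this));
        ISwapRouter.ExactInputSingleParams memory params = ISwapRouter
            .ExactInputSingleParams({
                tokenIn: _profits,
                tokenOut: WETH,
                fee: 3000,
                recipient: address(this),
                // block.timestamp always passes the router's deadline check,
                // so the deadline is chosen by the caller when signing.
                deadline: _deadline,
                amountIn: amountIn,
                amountOutMinimum: _minAmountOut,
                sqrtPriceLimitX96: 0
            });
        // The router reverts if fewer than _minAmountOut WETH would be received.
        amountOut = swapRouter.exactInputSingle(params);
        require(IERC20(WETH).transfer(staking, IERC20(WETH).balanceOf(address(this))), "transfer failed");
    }
}
```

With this shape, a price moved against the swap beyond the tolerance built into _minAmountOut causes the transaction to revert instead of executing at the manipulated price.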
