Beedle - Oracle free perpetual lending
BeedleFi
DeFiFoundry
20,000 USDC
View results
Previous Next
Submission Details
Severity: medium
Valid

The 0.3% fee Uniswap pool for the specified token pair may not be the most liquid one leading to worse price impact and slippage

KrisApostolov

Summary

The sellProfits function is always using the 0.3% fee pool, which may not be the most liquid one for the specified token pair, leading to worse slippage and price impact.

Vulnerability Details

The sellProfits function in Fees.sol swaps profits from one token to WETH. The issue arises due to the contract only using the 0.3% fee pools for each of the swaps.

ISwapRouter.ExactInputSingleParams memory params = ISwapRouter
.ExactInputSingleParams({
tokenIn: _profits,
tokenOut: WETH,
fee: 3000, // @audit the fee is hard coded to 0.3% in basis points <
recipient: address(this),
deadline: block.timestamp,
amountIn: amount,
amountOutMinimum: 0,
sqrtPriceLimitX96: 0
});

This is an issue because some pairs' 0.3% pools may not be the most liquid ones. If the pool is not the most liquid one the swap will experience higher slippage than needed, losing some amount of funds in the process.

Impact

The slippage on swaps in pools with less liquidity will be higher than can be even with proper slippage tolerance.

Tools Used

Manual Review

Recommendations

Consider checking the liquidity in each of the available pools for the pair and swapping in the most liquid one.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.