Submission Details
Severity: high
Valid

Zero slippage

Summary

Setting amountOutMinimum to 0 tells the router that the caller will accept any amount of output tokens, including dust. A searcher watching the mempool can sandwich the transaction (push the pool price before it executes and restore it afterwards), so the swap settles at an arbitrarily bad price and nearly all of the value being swapped is captured by the attacker.

Vulnerability Details

In the sellProfits function of Fees.sol, the ExactInputSingleParams passed to the Uniswap V3 router hardcode both amountOutMinimum and sqrtPriceLimitX96 to 0. A zero amountOutMinimum disables the router's "Too little received" check, and a zero sqrtPriceLimitX96 means "no price limit" (the router substitutes the minimum or maximum sqrt price), so neither field bounds the execution price.

amountOutMinimum: 0,   // accept any output amount, even dust
sqrtPriceLimitX96: 0   // no price bound: treated by the router as "swap to the edge of the curve"

https://github.com/Cyfrin/2023-07-beedle/blob/658e046bda8b010a5b82d2d85e824f3823602d27/src/Fees.sol#L24-L45

This means the entire _profits balance that sellProfits swaps can be sandwiched by an MEV bot: a front-running swap moves the pool price against the call, the call then executes at that price and receives almost no WETH, and a back-running swap returns the pool to its original price, leaving the difference with the bot.

Similar findings: 1, 2, 3

Impact

The code tells the router that a minimum of 0 output tokens is acceptable, so there is no on-chain bound on how badly the swap can execute. This exposes every call to sellProfits to a catastrophic loss of the swapped funds through MEV sandwich attacks; the only limit on the loss is the attacker's own fee cost.

Tools Used

Manual review

Recommendations

DeFi platforms must allow users to specify a slippage parameter: the minimum amount of tokens they want to be returned from a swap. The value should be derived from a quote taken before the transaction is submitted (for example, the quoted output minus a small tolerance) and passed into the swap as amountOutMinimum, rather than hardcoded to 0; sqrtPriceLimitX96 can additionally be set to bound the execution price.
Platforms should also provide a sensible default if the user doesn't specify a value, but user-specified slippage parameters must always override platform defaults.
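To make the loss concrete, the following simulation (added here as an illustration; it is not code from the Beedle repository and not part of the original submission) runs a sandwich against a swap on a constant-product pool, once with amountOutMinimum = 0 as in sellProfits and once with a minimum derived from a pre-trade quote. The pool model is an x*y=k curve with a 0.3% fee, a simplification of Uniswap V3's concentrated liquidity; the reserves, the victim's trade size and the searcher's size grid are constructed numbers. The searcher is modelled as picking the most profitable front-run size, and simply does not attack when no size is profitable.

```python
"""Sandwich attack against a swap with amountOutMinimum = 0 versus a quoted minimum.

Constant-product (x*y=k) pool with a 0.3% fee: an approximation of a Uniswap V3
0.3% fee-tier pool, not its tick math. All numbers below are constructed.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

FEE_BPS = 30  # 0.3% fee on every swap (Uniswap V3 "fee: 3000" tier)


class SlippageExceeded(Exception):
    """Models the router revert ('Too little received') when out < amountOutMinimum."""


@dataclass
class Pool:
    token: float  # reserve of the token being sold (the _profits token)
    weth: float   # reserve of WETH

    @staticmethod
    def _out(reserve_in: float, reserve_out: float, amount_in: float) -> float:
        net_in = amount_in * (10_000 - FEE_BPS) / 10_000  # fee is taken on the input
        return reserve_out * net_in / (reserve_in + net_in)

    def quote_token_to_weth(self, amount_in: float) -> float:
        """Read-only quote at the current reserves (what an off-chain quoter returns)."""
        return self._out(self.token, self.weth, amount_in)

    def sell_token(self, amount_in: float, amount_out_minimum: float = 0.0) -> float:
        """exactInputSingle(token -> WETH); reverts if output is below the minimum."""
        out = self.quote_token_to_weth(amount_in)
        if out < amount_out_minimum:
            raise SlippageExceeded(f"{out:.6f} WETH < minimum {amount_out_minimum:.6f}")
        self.token += amount_in
        self.weth -= out
        return out

    def sell_weth(self, amount_in: float) -> float:
        """Reverse direction (WETH -> token), used by the attacker's back-run."""
        out = self._out(self.weth, self.token, amount_in)
        self.weth += amount_in
        self.token -= out
        return out


def sandwich(pool: Pool, frontrun_token: float, victim_token: float,
             victim_min_out: float) -> Tuple[float, Optional[float]]:
    """Front-run, victim swap, back-run on a copy of the pool.

    Returns (attacker profit in token units, WETH the victim received);
    the second value is None when the victim's transaction reverted.
    """
    p = Pool(pool.token, pool.weth)
    weth_bought = p.sell_token(frontrun_token)  # 1. attacker sells token, WETH gets dearer
    try:
        victim_out: Optional[float] = p.sell_token(victim_token, victim_min_out)  # 2. victim lands here
    except SlippageExceeded:
        victim_out = None  # victim reverted; attacker still pays fees on the round trip
    token_back = p.sell_weth(weth_bought)  # 3. attacker sells the WETH back at the inflated price
    return token_back - frontrun_token, victim_out


def best_sandwich(pool: Pool, victim_token: float,
                  victim_min_out: float) -> Tuple[float, float]:
    """Searcher's choice: most profitable front-run size over a geometric grid.

    If no size is profitable the searcher does nothing and the victim gets the
    unmanipulated quote. Returns (attacker profit, WETH received by the victim).
    """
    best_profit, best_victim_out = 0.0, pool.quote_token_to_weth(victim_token)
    for i in range(60):
        frontrun = victim_token * 0.05 * 1.2 ** i  # constructed grid, ~0.05x to ~2000x the victim
        profit, victim_out = sandwich(pool, frontrun, victim_token, victim_min_out)
        if victim_out is not None and profit > best_profit:
            best_profit, best_victim_out = profit, victim_out
    return best_profit, best_victim_out


def compare(pool: Pool, victim_token: float, tolerance: float = 0.01) -> dict:
    """Same swap with amountOutMinimum = 0 and with quote * (1 - tolerance)."""
    fair = pool.quote_token_to_weth(victim_token)
    unprotected_profit, unprotected_out = best_sandwich(pool, victim_token, 0.0)
    protected_profit, protected_out = best_sandwich(pool, victim_token, fair * (1 - tolerance))
    return {
        "fair_quote_weth": fair,
        "unprotected": {"attacker_profit_token": unprotected_profit, "victim_weth": unprotected_out},
        "protected": {"attacker_profit_token": protected_profit, "victim_weth": protected_out},
    }


if __name__ == "__main__":
    # Constructed pool: 1,000,000 token vs 1,000 WETH; sellProfits swaps 10,000 token.
    result = compare(Pool(1_000_000.0, 1_000.0), 10_000.0)
    for key, value in result.items():
        print(f"{key}: {value}")
```

With the constructed pool the unprotected swap receives a small fraction of its fair quote, while the protected swap can only be moved within the tolerance: the best the searcher can do is skim a few tens of tokens, because any larger front-run makes the victim revert and leaves the attacker paying fees on an empty round trip. The minimum has to come from a quote taken off-chain before submission; computing it on-chain at execution time would read the already manipulated price.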
