Submission Details
Severity: high
Valid

Lack of slippage control / public function

Summary

There is no slippage control on the Uniswap V3 swap. This makes the swap an easy target for MEV bots, which can sandwich it (including with flash-loaned capital).

Vulnerability Details

The call to the Uniswap V3 router is made without a slippage tolerance (amountOutMin), so the protocol's swap can be sandwiched by bots.
In addition, the function is public, so anyone can trigger the swap with no amountOutMin set and front-run it.

Impact

A 100% slippage tolerance (amountOutMin = 0) can be exploited so that the sellProfits function receives much less value than it should have.

Tools Used

Manual Review

Recommendations

If this function stays public, the recommendation is to add on-chain checks (see getQuoteAtTick in Uniswap V3's OracleLibrary: https://docs.uniswap.org/contracts/v3/reference/periphery/libraries/OracleLibrary).
If the function is restricted by some level of authorization, always check that amountOutMin > 0 (the asset price can also be checked on-chain and a hardcoded slippage limit applied).
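The following contract is an added illustration, not the audited project's code. It shows the vulnerable pattern (a public function passing amountOutMinimum = 0 to the V3 router) next to a hardened version that restricts the caller, requires a non-zero amountOutMin, and derives an on-chain floor from the pool's TWAP via OracleLibrary.consult and getQuoteAtTick with a hardcoded slippage cap. The pool address, fee tier, 30-minute TWAP window and 1% cap are assumed values; it assumes the published @uniswap/v3-periphery package (where consult returns a tick and a liquidity value) and the matching @uniswap/v3-core FullMath.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity =0.7.6;

import "@uniswap/v3-core/contracts/libraries/FullMath.sol";
import "@uniswap/v3-periphery/contracts/interfaces/ISwapRouter.sol";
import "@uniswap/v3-periphery/contracts/libraries/OracleLibrary.sol";
import "@uniswap/v3-periphery/contracts/libraries/TransferHelper.sol";

/// Illustrative contract only (not the audited project's code).
contract ProfitSeller {
    ISwapRouter public immutable router;
    address public immutable pool;     // assumed: the tokenIn/tokenOut V3 pool used as the TWAP oracle
    address public immutable tokenIn;
    address public immutable tokenOut;
    uint24 public immutable poolFee;   // assumed fee tier, e.g. 3000
    address public owner;

    uint32 public constant TWAP_WINDOW = 30 minutes;  // assumed lookback; longer is harder to manipulate
    uint256 public constant MAX_SLIPPAGE_BPS = 100;   // assumed hard cap: 1% below the TWAP quote

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor(ISwapRouter _router, address _pool, address _tokenIn, address _tokenOut, uint24 _fee) {
        router = _router;
        pool = _pool;
        tokenIn = _tokenIn;
        tokenOut = _tokenOut;
        poolFee = _fee;
        owner = msg.sender;
    }

    // BEFORE: anyone can call this, and amountOutMinimum = 0 is a 100% slippage tolerance,
    // so a sandwich bot can push the price before the swap and restore it afterwards.
    function sellProfitsVulnerable(uint256 amountIn) external returns (uint256 amountOut) {
        TransferHelper.safeApprove(tokenIn, address(router), amountIn);
        amountOut = router.exactInputSingle(
            ISwapRouter.ExactInputSingleParams({
                tokenIn: tokenIn,
                tokenOut: tokenOut,
                fee: poolFee,
                recipient: address(this),
                deadline: block.timestamp,
                amountIn: amountIn,
                amountOutMinimum: 0,
                sqrtPriceLimitX96: 0
            })
        );
    }

    /// Lowest acceptable output for amountIn: the TWAP-implied quote minus MAX_SLIPPAGE_BPS.
    function oracleMinOut(uint256 amountIn) public view returns (uint256) {
        require(amountIn <= type(uint128).max, "amountIn too large"); // getQuoteAtTick takes uint128
        (int24 meanTick, ) = OracleLibrary.consult(pool, TWAP_WINDOW);
        uint256 expectedOut = OracleLibrary.getQuoteAtTick(meanTick, uint128(amountIn), tokenIn, tokenOut);
        return FullMath.mulDiv(expectedOut, 10_000 - MAX_SLIPPAGE_BPS, 10_000);
    }

    // AFTER: access-controlled, caller supplies a non-zero floor and a deadline, and the
    // effective floor is never allowed below the on-chain oracle-derived one.
    function sellProfits(uint256 amountIn, uint256 amountOutMin, uint256 deadline)
        external
        onlyOwner
        returns (uint256 amountOut)
    {
        require(amountOutMin > 0, "amountOutMin = 0");
        uint256 floor = oracleMinOut(amountIn);
        if (floor > amountOutMin) amountOutMin = floor;

        TransferHelper.safeApprove(tokenIn, address(router), amountIn);
        amountOut = router.exactInputSingle(
            ISwapRouter.ExactInputSingleParams({
                tokenIn: tokenIn,
                tokenOut: tokenOut,
                fee: poolFee,
                recipient: address(this),
                deadline: deadline,
                amountIn: amountIn,
                amountOutMinimum: amountOutMin,
                sqrtPriceLimitX96: 0
            })
        );
    }
}
```

The TWAP is used rather than the pool's spot price because a single-block price move (the kind a sandwich creates) shifts a 30-minute time-weighted tick only marginally, so the floor stays close to the fair value even while the swap is being attacked. The caller-supplied deadline replaces block.timestamp, which would otherwise let a pending transaction be executed at any later time.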
