Executing `SmartVaultV3` swaps becomes impractical when the collateral exceeds the required amount.
Summary
During the calculation of minAmountOut, if collateralValueMinusSwapValue is greater than or equal to the required collateral value, minAmountOut is set to zero. This makes the swap susceptible to high slippage, potentially leading to a loss of funds for the vault owners.
Vulnerability Details
When SmartVaultV3.swap() is called, the minAmountOut parameter is calculated on-chain by the SmartVaultV3;calculateMinimumAmountOut() function (shown below).
The function calculateMinimumAmountOut() verifies that the remaining collateral, after deducting the amount of tokens intended for the swap, exceeds the required collateral (minted * _manager.collateralRate() / _manager.HUNDRED_PC()). If this condition holds true, the resulting minAmountOut is set to zero. Consequently, the swap lacks any form of slippage control, making it prone to high slippage or, worse, becoming a target for sandwich MEV operators, resulting in significant losses for the vault owner.
Impact
Users with sufficient collateral, where collateralValueMinusSwapValue >= requiredCollateralValue, are unable to execute swaps without facing the risk of high slippage.
Tools Used
Manual Review
Recommended Mitigation
On those situations that (collateralValueMinusSwapValue >= requiredCollateralValue), consider allowing the minAmountOut be set by the function caller.
Lead Judging Commences
Slippage-issue
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.