The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: medium
Valid

Fixed fee level is used when swapping tokens

Summary

Hardcoded Uniswap fees significantly limit the possibilities and can lead to non-optimal routes.

Vulnerability Details

In the SmartVaultV3 contract, the swap function is used to swap tokens; it constructs ISwapRouter.ExactInputSingleParams with a fixed fee level of 3000 (0.3%):

ISwapRouter.ExactInputSingleParams memory params = ISwapRouter.ExactInputSingleParams({
    tokenIn: inToken,
    tokenOut: getSwapAddressFor(_outToken),
    fee: 3000, //@note
    recipient: address(this),
    deadline: block.timestamp,
    amountIn: _amount - swapFee,
    amountOutMinimum: minimumAmountOut,
    sqrtPriceLimitX96: 0
});

However, not all Uniswap pools are created with a fee level of 3000; some use 10000 and some 500. This can mean that the swap pool does not exist. Also, the available pool at that fee level might not be the most optimal; it could be a low-liquidity pool.

Impact

Loss of funds, incomplete transactions, inability to correctly make swaps.

Tools Used

Manual code review

Recommendations

Replace the hardcoded 3000 with a fee variable and allow the owner to pass the fee as a parameter.

Updates

Lead Judging Commences

hrishibhat Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

fixed-uni-fee

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

hardcoded-fee
