The Standard

Summary

the smart vault's swap function arises from executing swaps with zero slippage tolerance when collateralValueMinusSwapValue >= requiredCollateralValue, enabling potential front-running attacks in the mempool.

Vulnerability Details

The swap function in the smart vault uses UniswapV2Router to swap tokens. Before execution, the minimumAmountOut() function calculates the minimum output tokens needed for adequate collateralization. It returns a minimumAmountOut value used as a parameter for the swap. The amountOutMinimum parameter is designed to prevent slippage and, more importantly sandwich and front-running attacks.

However, a vulnerability arises when collateralValueMinusSwapValue >= requiredCollateralValue, resulting in a return value of 0. This causes the swap to proceed with zero slippage tolerance, enabling anyone monitoring the mempool to front-run the vault owner's transaction. Such a scenario allows the attacker to profit from a guaranteed trade.

POC

1. The vault owner calls swap() to trade ETH/PAXG. The amountOutMinimum() function is invoked, returning 0, as the vault remains sufficiently collateralized post-swap.

2. A hacker monitoring the mempool spots this transaction and buys a significant amount of PAXG, driving up its price.

3. Since SmartVault3#swap accepts any minimum amount out (0), the trade proceeds.

4. The hacker then exchanges their PAXG for ETH, profiting from the artificially inflated PAXG price due to the sandwich attack.

5. As a result, the user receive less PAXG tokens for their trade.

Impact

loss of funds for user on a trade

Tools Used

Manual

Recommendations

Add minimum return amount checks ! 0