The code employs an on-chain slippage calculation mechanism through the calculateMinimumAmountOut
function, utilized within the swap
function. Consequently, this function may return 0
when the collateralization is deemed adequate.
The absence of slippage checks and minimum return amount validations in the code could result in trades occurring at suboptimal prices, potentially leading to the reception of fewer tokens than would be expected at prevailing fair market rates. This vulnerability might expose the vault owner to risks of incurring losses due to unfavorable prices at the time of trade execution. Because the swap
function will call ExactInputSingleParams
function with amountOutMinimum
set to 0
:
The risk associated with the absence of slippage and minimum return amount checks lies in potential price volatility during the swap. Trades can happen at a bad price and lead to receiving fewer tokens than at a fair market price.
Manual review.
Ensure that users are allowed to specify their own slippage parameters which were calculated on their own e.g off-chain.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.