Suboptimal pools will be used in Uniswap because of a hardcoded fee variable, which leads to loss of user funds.
Uniswap V3 pools have different fee amounts. The same pair can have a 0.05% fee pool, a 0.3% fee pool and also a 1% fee pool. The swap function in SmartVaultV3 hardcodes the fee parameter to 3000, which corresponds to a 0.3% fee, as shown below:
I will give my example from the USDC-WBTC pool because other pools are not liquid enough (I submitted this as a separate vulnerability). But it also applies to other pools (I am using USDC-WBTC just as an example). It is also possible for the protocol to use USDC and some other tokens, as specified on the contest page.
Here is the 0.05% fee pool address for USDC-WBTC: 0x0E4831319A50228B9e450861297aB92dee15B44F
Here is the 0.3% fee pool address for USDC-WBTC: 0x6985cb98CE393FCE8d6272127F39013f61e36166
As we can see, the 0.05% fee pool has nearly thrice more liquidity, hence it is the optimal pool for this pair (slippage will be less), and its fee percentage is also 6 times less than the other pool's (which is obvious).
But because of the hardcoded fee variable in swap, the suboptimal pool will be used for the swap.
The likelihood is high because it will happen for every swap. The impact is medium because users will receive less collateral value after the swap (they will lose funds) compared with the optimal pool. Hence I consider this a medium severity vulnerability.
Manual Review
For every pair, it is best to add a struct that returns the optimal fee for that pair (the admin can add these fee tiers), then use that variable instead of the hardcoded one.
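One way to implement this recommendation, as an added example that is not code from the audited project: a per-pair fee registry that an admin populates and that the swap function would query instead of using the constant 3000. The contract name, function names and the constructor's factory parameter are hypothetical; only `getPool` is the real Uniswap V3 factory call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Subset of the Uniswap V3 factory interface; getPool returns address(0)
// when no pool exists for the given pair and fee tier.
interface IUniswapV3Factory {
    function getPool(address tokenA, address tokenB, uint24 fee) external view returns (address);
}

// Hypothetical registry; names are illustrative, not from the audited code base.
contract PairFeeRegistry {
    uint24 public constant DEFAULT_FEE = 3000; // the tier currently hardcoded in swap
    address public immutable admin;
    IUniswapV3Factory public immutable factory;
    mapping(bytes32 => uint24) private pairFee; // 0 means "not configured"

    event PairFeeSet(address indexed token0, address indexed token1, uint24 fee);

    constructor(address _factory) {
        require(_factory != address(0), "factory required");
        admin = msg.sender;
        factory = IUniswapV3Factory(_factory);
    }

    // Sort the pair so (USDC, WBTC) and (WBTC, USDC) share one entry.
    function _sort(address a, address b) private pure returns (address, address) {
        return a < b ? (a, b) : (b, a);
    }

    function setPairFee(address tokenA, address tokenB, uint24 fee) external {
        require(msg.sender == admin, "not admin");
        require(tokenA != tokenB, "identical tokens");
        // Reject tiers with no deployed pool so a typo cannot make every swap revert.
        require(factory.getPool(tokenA, tokenB, fee) != address(0), "no pool for tier");
        (address t0, address t1) = _sort(tokenA, tokenB);
        pairFee[keccak256(abi.encodePacked(t0, t1))] = fee;
        emit PairFeeSet(t0, t1, fee);
    }

    // Fee tier the swap should pass to the router; falls back to DEFAULT_FEE.
    function feeFor(address tokenIn, address tokenOut) external view returns (uint24) {
        (address t0, address t1) = _sort(tokenIn, tokenOut);
        uint24 fee = pairFee[keccak256(abi.encodePacked(t0, t1))];
        return fee == 0 ? DEFAULT_FEE : fee;
    }
}
```

The `getPool` check only proves that a pool exists for the chosen tier, not that it is the most liquid one, so the admin still has to pick the tier by comparing pool liquidity as done above for USDC-WBTC.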