Using oracle to calculate slippage can cause significant loss due to sandwich attacks
Summary
SmartVaultV3#swap() function relies solely on oracle price data when determining the slippage parameter during a swap. This is problematic as chainlink oracles, have threshold before triggering a price update. This can be exploited via sandwich attacks
Vulnerability Details
function calculateMinimumAmountOut(bytes32 _inTokenSymbol, bytes32 _outTokenSymbol, uint256 _amount) private view returns (uint256) {
ISmartVaultManagerV3 _manager = ISmartVaultManagerV3(manager);
uint256 requiredCollateralValue = minted * _manager.collateralRate() / _manager.HUNDRED_PC();
uint256 collateralValueMinusSwapValue = euroCollateral() - calculator.tokenToEur(getToken(_inTokenSymbol), _amount);
return collateralValueMinusSwapValue >= requiredCollateralValue ?
0 : calculator.eurToToken(getToken(_outTokenSymbol), requiredCollateralValue - collateralValueMinusSwapValue);
}
When determining the minimum return from the swap, calculateMinimumAmountOut directly uses oracle data to determine the final output. The differences between the true value and the oracle value can be exploited via sandwich attacks. This can cause significant loss to the user.
Impact
Purely oracle derived slippage parameters will lead to significant and unnecessary losses. As the sponor said that this function is used to calculate amount out that to make sure that the vault will not be able to be liquidated, vault still can be liquidated right after the swap because of the differences
Tools Used
Manual review
Recommendations
Allow user to specify their own slippage value. Instead of using an oracle slippage parameter
Lead Judging Commences
informational/invalid
informational/invalid
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.