The Standard
The Standard
DeFiHardhat
20,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

`sqrtPriceLimitX96` in `ExactInputSingleParams` is hardcoded to 0

0xepley

Summary

The swap function in SmartVaultV3.sol sets sqrtPriceLimitX96 to 0, which is suboptimal.

Vulnerability Details

Referencing the Uniswap v3 documentation (https://docs.uniswap.org/contracts/v3/guides/swaps/single-swaps#swap-input-parameters), sqrtPriceLimitX96 is designed to "set the limit for the price the swap will push the pool to, which can help protect against price impact or for setting up logic in a variety of price-relevant mechanisms." However, in the swap function, this parameter is hardcoded to 0, rendering it ineffective.

ISwapRouter.ExactInputSingleParams memory params = ISwapRouter.ExactInputSingleParams({
tokenIn: inToken,
tokenOut: getSwapAddressFor(_outToken),
fee: 3000, // hardcoded
recipient: address(this),
deadline: block.timestamp,
amountIn: _amount - swapFee,
amountOutMinimum: minimumAmountOut,
: 0
});

Impact

The hardcoded value of 0 for sqrtPriceLimitX96 exposes the swap function to potential vulnerabilities, including increased price impact, susceptibility to front-running, and unpredictable outcomes in dynamic market conditions.

Tools Used

Manual Review

Recommendations

Adjust the swap function to use a dynamic and calculated value for sqrtPriceLimitX96.

Updates

Lead Judging Commences

hrishibhat Lead Judge almost 2 years ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

informational/invalid

nabeel Submitter
almost 2 years ago
hrishibhat Lead Judge
almost 2 years ago
hrishibhat Lead Judge almost 2 years ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

informational/invalid

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!