users will lose funds due to lack of slippage control in LibUnripeConvert::convertLPToBeans
Summary
https://github.com/Cyfrin/2024-04-beanstalk-2/blob/27ff8c87c9164c1fbff054be5f22e56f86cdf127/protocol/contracts/libraries/Convert/LibUnripeConvert.sol#L22C5-L59C9
Vulnerability Details
https://github.com/Cyfrin/2024-04-beanstalk-2/blob/27ff8c87c9164c1fbff054be5f22e56f86cdf127/protocol/contracts/libraries/Convert/LibUnripeConvert.sol#L22C5-L59C9
uint256 minAmountOut = LibUnripe .unripeToUnderlying(tokenOut, minBeans, IBean(C.UNRIPE_BEAN).totalSupply()) .mul(LibUnripe.percentLPRecapped()) .div(LibUnripe.percentBeansRecapped());
The formula does not incorporate any mechanism for handling slippage
Impact
users will lose funds due to lack of slippage control in LibUnripeConvert::convertLPToBeans. The will receive less tokens when the function is called.
Tools Used
Manual Review
Recommendations
Allow users to set a maximum slippage tolerance level, ensuring that the transaction reverts if the slippage exceeds this threshold. This gives users control over the maximum loss they are willing to accept due to slippage.
Lead Judging Commences
Informational/Invalid
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.