Mismatch of Input and Output Tokens in TSwapPool::sellPoolTokens Causes Incorrect Token Amounts for Users
Summary
TSwapPool::sellPoolTokens mismatches input and output tokens causing users to receive the incorrect amount of tokens
Vulnerability Details
The sellPoolTokens function is designed to let users sell pool tokens and receive WETH in return. Users specify the number of pool tokens they want to sell using the poolTokenAmount parameter. However, the function currently miscalculates the swapped amount due to calling swapExactOutput instead of swapExactInput. Users specify the exact amount of input tokens, so the swapExactInput function should be used instead.
Impact
Users will end up swapping incorrect amounts of tokens, causing a significant disruption in the protocol's functionality.
Tools Used
Manual Review
Recommendations
Change the implementation to use swapExactInput instead of swapExactOutput. This also requires modifying the sellPoolTokens function to accept a new parameter, such as minWethToReceive, which will be passed to swapExactInput.
Appeal created
`sellPoolTokens` mismatches input and output tokens causing users to receive the incorrect amount of tokens
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.