Lack of Check for inputReserves in getOutputAmountBasedOnInput Function Can Result in Incorrect Calculation
Summary
The getOutputAmountBasedOnInput function does not validate the inputReserves parameter, leading to potential errors if it is set to zero. This oversight affects the accuracy of calculations dependent on this function.
Vulnerability Details
The getOutputAmountBasedOnInput function calculates outputAmount based on inputAmount, inputReserves, and outputReserves. However, it lacks a check for inputReserves, allowing it to be set to zero. This causes the function to return zero, which can lead to incorrect or unexpected behavior downstream in functions that rely on its output.
Impact
f inputReserves is set to zero, any calculations relying on getOutputAmountBasedOnInput will produce incorrect results, potentially causing transactions to revert or proceed with unexpected values. This can disrupt the intended operation of functions like swapExactInput, leading to protocol instability or failures.
##POC
Tools Used
Manual code review
Recommendations
Implement a check in getOutputAmountBasedOnInput to ensure inputReserves is greater than zero before performing calculations. This check will prevent the function from returning zero unexpectedly and will help maintain the integrity of calculations throughout the protocol.
"I know that there is no impact but i knew that after i write it"
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.