First Flight #18: T-Swap

Beginner Friendly, DeFi, Foundry
Severity: high
Valid

No slippage protection in `TSwapPool::swapExactOutput` could cause users to pay more than expected in exchange for the specified output tokens, especially when market conditions are turbulent.

Summary

In `TSwapPool::swapExactOutput`, there is no input parameter such as `maxInputAmount` that a user can specify to enable slippage protection within the function. This could cause the user to pay an unexpectedly high amount of input tokens in exchange for the specified output tokens.

Vulnerability Details

The function `TSwapPool::swapExactOutput` has neither an input parameter nor a check that limits the maximum input amount, so nothing protects the user from unexpectedly paying a high amount of input tokens when market conditions are turbulent. By comparison, the similar function `TSwapPool::swapExactInput` does provide slippage protection, through `minOutputAmount`. The protocol should implement the same slippage protection for `TSwapPool::swapExactOutput` by adding a `maxInputAmount` parameter.

Impact

A user could potentially pay an unexpectedly high input amount in exchange for a specified output token amount, especially when market conditions are turbulent.
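
The effect described above, worked through as an added example that is not part of the submission or the T-Swap code base. It assumes a constant-product pool with a 0.3% fee; `Pool`, `input_for_exact_output`, `InputTooHigh` and the reserve figures are constructed for illustration.

```python
# Added illustration, not the contract's code. Assumed pricing model:
# constant product (x * y = k) with a 0.3% fee, integer math as on-chain.

class InputTooHigh(Exception):
    """Stands in for the revert that a maxInputAmount check would raise."""

def input_for_exact_output(output_amount, input_reserves, output_reserves):
    """Input required to withdraw exactly output_amount, rounded up."""
    if not 0 < output_amount < output_reserves:
        raise ValueError("output must be positive and below the reserves")
    numerator = input_reserves * output_amount * 1000
    denominator = (output_reserves - output_amount) * 997
    return -(-numerator // denominator)  # ceiling division

class Pool:
    def __init__(self, input_reserves, output_reserves):
        self.input_reserves = input_reserves
        self.output_reserves = output_reserves

    def swap_exact_output(self, output_amount, max_input_amount=None):
        """max_input_amount=None models the function without protection."""
        input_amount = input_for_exact_output(
            output_amount, self.input_reserves, self.output_reserves)
        if max_input_amount is not None and input_amount > max_input_amount:
            raise InputTooHigh(input_amount, max_input_amount)
        self.input_reserves += input_amount
        self.output_reserves -= output_amount
        return input_amount

def demo():
    unit = 10**18                      # constructed reserves: 100 tokens each
    want = 10 * unit
    quote = input_for_exact_output(want, 100 * unit, 100 * unit)
    limit = quote * 101 // 100         # user accepts 1% above the quote

    # The price moves between quote and execution: another trade
    # withdraws 40 output tokens first.
    unprotected = Pool(100 * unit, 100 * unit)
    unprotected.swap_exact_output(40 * unit)
    paid = unprotected.swap_exact_output(want)   # fills at any price

    protected = Pool(100 * unit, 100 * unit)
    protected.swap_exact_output(40 * unit)
    try:
        protected.swap_exact_output(want, max_input_amount=limit)
        reverted = False
    except InputTooHigh:
        reverted = True
    return quote, paid, reverted
```

With these figures the unprotected swap pays roughly three times the quoted input, while the protected call fails and leaves the user's balance untouched.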

Tools Used

Manual review

Recommendations

Implement slippage protection via `maxInputAmount` in `TSwapPool::swapExactOutput`:

function swapExactOutput(
IERC20 inputToken,
IERC20 outputToken,
uint256 outputAmount,
+ uint256 maxInputAmount,
uint64 deadline
)
public
revertIfZero(outputAmount)
revertIfDeadlinePassed(deadline)
returns (uint256 inputAmount)
{
uint256 inputReserves = inputToken.balanceOf(address(this));
uint256 outputReserves = outputToken.balanceOf(address(this));
inputAmount = getInputAmountBasedOnOutput(
outputAmount,
inputReserves,
outputReserves
);
+ if (inputAmount > maxInputAmount) {
+ revert TSwapPool__InputTooHigh(inputAmount, maxInputAmount);
+ }
_swap(inputToken, inputAmount, outputToken, outputAmount);
}
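
Review bot: the added `revert TSwapPool__InputTooHigh(inputAmount, maxInputAmount);` relies on a custom error that is not declared anywhere in the lines shown, so the change will not compile unless a declaration such as `error TSwapPool__InputTooHigh(uint256 actual, uint256 max);` is added alongside the contract's other errors. The new `uint256 maxInputAmount` parameter also changes the signature of a `public` function, so every existing caller of `swapExactOutput` has to be updated to pass a sensible bound, and the parameter should be documented in the function's NatSpec. Placing the check before `_swap` is right, since the revert then happens before any tokens move.
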
Updates

Appeal created

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Lack of slippage protection in `TSwapPool::swapExactOutput` causes users to potentially receive way fewer tokens
