Alchemix Transmuter

Summary

The _swapUnderlyingToAsset function in the StrategyOp contract lacks robust slippage control mechanisms. While the function enforces that minOut > _amount, this simplistic check places full reliance on the caller to provide appropriate minOut values. This creates a vulnerability where suboptimal swaps can occur, resulting in reduced yields or losses for depositors under manipulated or volatile market conditions.

Technical Details

Code Reference

The _swapUnderlyingToAsset function currently implements a minimal slippage control check:

https://github.com/Cyfrin/2024-12-alchemix/blob/82798f4891e41959eef866bd1d4cb44fc1e26439/src/StrategyOp.sol#L95

Workflow Context

1. Input: The function receives _amount (WETH), minOut (alETH), and a swap path.

2. Process:

   • Checks that minOut > _amount.

   • Ensures sufficient underlying balance.

   • Executes a token swap using the Velo Router.

3. Output: The function transfers the resulting tokens (alETH) to the strategy.

Issue:

The function's reliance on the caller to set an appropriate minOut introduces risks:

• Simplistic Control: The minOut > _amount check does not validate the actual market conditions or path efficiency.

• Caller-Dependent Safeguard: Malicious or careless input values for minOut can result in suboptimal swaps.

Exploitation Scenarios

Scenario 1: Slippage Exploitation

1. Setup:

   • An attacker manipulates the swap path or creates market volatility, impacting the token exchange rate.

   • The attacker sets minOut to a value slightly above _amount, ensuring the check passes.

2. Execution:

   • The function executes the swap, accepting a reduced output that is just above _amount.

3. Impact:

   • The strategy receives significantly less alETH than it should under fair market conditions.

Scenario 2: Yield Reduction

1. Setup:

   • In volatile market conditions, the actual swap rate drops significantly.

   • The function still executes the swap due to a loose minOut value.

2. Impact:

   • The strategy experiences a reduced yield, negatively affecting depositors.

Impact Analysis

Severity: Medium

• Financial Impact:

  • Suboptimal swaps lead to reduced yields, directly affecting user returns.

  • Quantifiable example: A swap intended to yield 100 alETH results in only 90 alETH, causing a 10% loss.

• Operational Impact:

  • Repeated suboptimal swaps degrade the strategy’s performance and user trust.

Root Cause Analysis

1. Simplistic Slippage Control:

   • The check minOut > _amount does not account for actual market conditions or potential manipulation.

2. Caller Dependency:

   • Relies entirely on the caller to set an appropriate minOut.

Mitigation Recommendations

1. Implement Market-Based Slippage Controls

• Validate minOut against market conditions using price oracles:

  uint256 oraclePrice = getOraclePrice(); // Fetch price from a trusted oracle

  require(minOut >= (_amount * oraclePrice) / 1e18, "Unfavorable swap rate");

  ​

2. Enforce Maximum Slippage Tolerance

• Allow the caller to specify a slippage percentage, e.g., 1%, and calculate minOut dynamically:

  uint256 minOutThreshold = (_amount * (1e18 - slippageTolerance)) / 1e18;

  require(minOut >= minOutThreshold, "Slippage exceeds tolerance");

  ​

Proof of Concept (PoC)

Step-by-Step Reproduction:

1. Deploy the contract and initialize the router.

2. Execute _swapUnderlyingToAsset with the following parameters:

   • _amount: 1,000 WETH.

   • minOut: 1,100 alETH.

   • _path: Manipulated swap path.

3. Manipulate the market or path to yield only 1,050 alETH during the swap.

4. Observe the reduced yield despite the swap executing successfully.