Lack of mechanism to ensure premium swaps in StrategyArb contract
Summary
The StrategyArb contract is intended to perform token swaps at a premium, ensuring that the value of the output token is greater than the input token. However, the current implementation lacks a built-in mechanism to guarantee this premium, relying instead on the caller to set the minimum output parameter (_minOut) correctly. This report identifies the potential issue and provides recommendations for mitigation.
Vulnerability Details
In the claimAndSwap and _swapUnderlyingToAsset functions of the StrategyArb.sol contract contains a logic issue, the main issue is the reliance on the caller to set _minOut without any internal checks to ensure a premium swap.
Affected Code
claimAndSwapFunction:function claimAndSwap(uint256 _amountClaim, uint256 _minOut, IRamsesRouter.route[] calldata _path) external onlyKeepers {transmuter.claim(_amountClaim, address(this));uint256 balBefore = asset.balanceOf(address(this));_swapUnderlyingToAsset(_amountClaim, _minOut, _path);uint256 balAfter = asset.balanceOf(address(this));require((balAfter - balBefore) >= _minOut, "Slippage too high"); // Main issue: No guarantee of premiumtransmuter.deposit(asset.balanceOf(address(this)), address(this));}
_swapUnderlyingToAssetFunction:function _swapUnderlyingToAsset(uint256 _amount, uint256 minOut, IRamsesRouter.route[] calldata _path) internal {require(minOut > _amount, "minOut too low"); // Main issue: Relies on caller for premiumuint256 underlyingBalance = underlying.balanceOf(address(this));require(underlyingBalance >= _amount, "not enough underlying balance");IRamsesRouter(router).swapExactTokensForTokens(_amount, minOut, _path, address(this), block.timestamp);}
Impact
Without a mechanism to ensure a premium swap, the contract may execute swaps at unfavorable rates, potentially leading to financial losses. The reliance on the caller to set _minOut correctly introduces the risk of human error or manipulation, which could result in swaps being executed at a loss.
Tools Used
Manual code review
Recommendations
Integrate Price Oracles:
Use a price oracle to fetch current market rates for WETH and alETH. This can help dynamically calculate the appropriate
_minOutvalue to ensure a premium swap.
Implement Price Checks:
Add logic to compare the value of the assets being swapped, rather than just their quantities. This can involve checking the current market price and ensuring the swap rate is better than 1:1.
Automate _minOut Calculation:
Automate the calculation of
_minOutbased on real-time market data to reduce reliance on the caller and minimize the risk of human error.
Add Additional Safeguards:Implement additional checks or constraints to ensure that swaps are only executed when favorable conditions are met, such as a minimum premium threshold.
Appeal created
[INVALID]Lack of mechanism to ensure premium swaps
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.