Alchemix Transmuter
Alchemix
DeFiFoundrySolidity
16,653 OP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Overly Restrictive Swap Conditions Leading to Transaction Reverts

lordofterra

Vulnerability Details

The claimAndSwap functions in the Strategies contracts enforces the strict condition on the swap from WETH to ALETH. The keeper specifies the _amountClaim and the _minOut for slippage, However the require statement

require(_minOut > _amountClaim, "minOut too low");

only allows the _minOut to be greater than the _amountClaim which is the amount of WETH to claim from the transmuter.

In situations where there is a 1:1 condition the transaction would revert as a result of the require statment

require((balAfter - balBefore) >= _minOut, "Slippage too high");

StrategryArb

https://github.com/Cyfrin/2024-12-alchemix/blob/82798f4891e41959eef866bd1d4cb44fc1e26439/src/StrategyArb.sol#L71C1-L78C6

https://github.com/Cyfrin/2024-12-alchemix/blob/82798f4891e41959eef866bd1d4cb44fc1e26439/src/StrategyArb.sol#L81C1-L88C6

StrategyMainet

https://github.com/Cyfrin/2024-12-alchemix/blob/82798f4891e41959eef866bd1d4cb44fc1e26439/src/StrategyMainnet.sol#L99

StrategyOp

https://github.com/Cyfrin/2024-12-alchemix/blob/82798f4891e41959eef866bd1d4cb44fc1e26439/src/StrategyOp.sol#L79C3-L89C6

https://github.com/Cyfrin/2024-12-alchemix/blob/82798f4891e41959eef866bd1d4cb44fc1e26439/src/StrategyOp.sol#L95C3-L103C6

Impact

  1. Transaction will revert if there is a 1:1 condition

Tools Used

Manual review

Recommendations

  1. update the operator >= to allow transactions of equal amount.

    require(_minOut >= _amountClaim, "minOut too low");

Updates

Appeal created

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.