Incorrect Asset Deposit to Transmuter in StrategyArb::claimAndSwap, StrategyMainnet::claimAndSwap, and StrategyOp::claimAndSwap Functions
Summary
In the claimAndSwap functions of the StrategyArb, StrategyMainnet, and StrategyOp contracts, the contract deposits the entire asset balance into transmuter, rather than depositing the actual profit (the difference between the balance before and after the swap). This error can lead to unnecessary deposits and cause inconsistencies in the strategy's accounting.
Vulnerability Details
After performing the token swap, the contract deposits the entire asset balance into transmuter, but it should only deposit the profit from the swap, which is the difference between the balance before and after the swap (balAfter - balBefore). This mistake leads to unnecessary deposits and may cause inconsistencies in the accounting of the strategy. It can also maliciously manipulate user assets by depositing unintended asset tokens into transmuter.
Impact
Depositing the entire asset balance instead of just the profit can lead to:
Inconsistent Strategy Accounting: The strategy's funds may not be properly accounted for, affecting profit calculations.
Wasted Gas Fees: Depositing tokens that are not actual profit can result in unnecessary gas usage.
Inability to Recover Swapped Funds: If
asset.balanceOf(address(this))is zero, the contract may fail to recover the swapped funds.
Tools Used
Manual Code Audit
Recommendations
Modify the transmuter.deposit call to deposit only the actual profit from the swap, i.e., the difference between the balance before and after the swap:
This ensures that only the actual profit from the swap is deposited into transmuter, improving the efficiency of the strategy and avoiding unnecessary deposits.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.