Submission Details
Severity: low
Invalid

Missing check for underlying balance in claimAndSwap()

Summary

The claimAndSwap function in the StrategyMainnet.sol contract lacks a critical validation step to ensure that the underlying balance is sufficient to cover the _amountClaim. Without this check, the function may execute with insufficient funds, leading to unexpected behavior or reverts during execution.

Vulnerability Details

The claimAndSwap function begins by calling transmuter.claim(_amountClaim, address(this)) and then calculates the balance before the swap operation (balBefore). However, it does not verify if the contract's current balance of the underlying asset is greater than or equal to _amountClaim before proceeding.

Potential issues include:

  • Execution Without Sufficient Funds: If the transmuter.claim call does not provide the expected _amountClaim, the function could revert during the subsequent router.exchange operation.

  • Undefined Behavior: If the router.exchange function handles insufficient balances differently (e.g., partial swaps), it could lead to unintended outcomes like lower-than-expected swapped amounts.

Impact

  • Reverts: The function might revert unexpectedly due to insufficient underlying balance, disrupting the keeper's operations.

  • Partial Swaps or Loss of Funds: If the router allows partial swaps, the actual swapped amount could be less than intended, leading to financial inefficiency or loss.

  • Operational Risks: The lack of validation could cause the function to behave unpredictably, increasing complexity for users or maintainers.

Tools Used

Manual Code Review

Recommendations

  • Add Balance Check: Include a check to verify that the underlying balance is sufficient to handle _amountClaim before executing the swap:

    function claimAndSwap(
        uint256 _amountClaim,
        uint256 _minOut,
        uint256 _routeNumber
    ) external onlyKeepers {
        transmuter.claim(_amountClaim, address(this));
        uint256 underlyingBalance = underlying.balanceOf(address(this));
        require(underlyingBalance >= _amountClaim, "Insufficient underlying balance");
        uint256 balBefore = asset.balanceOf(address(this));
        // rest of the code
    }
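
An added example, not part of the submission or the project's code: it compares the absolute balance check recommended above with a check on the balance delta across the claim. MockToken, ShortPayingTransmuter and ClaimGuard are hypothetical contracts constructed for illustration, and the short-paying behaviour is an assumption, not a property of the real transmuter.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Constructed mocks for illustration; none of these are the project's contracts.
contract MockToken {
    mapping(address => uint256) public balanceOf;
    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
    }

    function transfer(address to, uint256 amount) external returns (bool) {
        balanceOf[msg.sender] -= amount; // reverts on underflow in 0.8+
        balanceOf[to] += amount;
        return true;
    }
}

// Hypothetical transmuter that pays out half of the request without reverting.
contract ShortPayingTransmuter {
    MockToken public immutable underlying;
    constructor(MockToken _underlying) { underlying = _underlying; }

    function claim(uint256 amount, address recipient) external {
        underlying.transfer(recipient, amount / 2);
    }
}

contract ClaimGuard {
    MockToken public immutable underlying;
    ShortPayingTransmuter public immutable transmuter;

    constructor(MockToken _underlying, ShortPayingTransmuter _transmuter) {
        underlying = _underlying;
        transmuter = _transmuter;
    }

    // Absolute check, as in the recommendation: passes whenever the contract
    // already holds >= amount, even if this claim delivered less.
    function claimAbsolute(uint256 amount) external {
        transmuter.claim(amount, address(this));
        require(underlying.balanceOf(address(this)) >= amount, "Insufficient underlying balance");
    }

    // Delta check: compares what this claim delivered against the request.
    function claimDelta(uint256 amount) external {
        uint256 balBefore = underlying.balanceOf(address(this));
        transmuter.claim(amount, address(this));
        require(underlying.balanceOf(address(this)) - balBefore >= amount, "Claim paid out short");
    }
}
```

With 100 tokens minted to ClaimGuard and 100 to the transmuter, claimAbsolute(100) succeeds even though only 50 arrived, while claimDelta(100) reverts.
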
Updates

Appeal created

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
