code-423n4 / 2021-11-badgerzaps-findings


`IbbtcVaultZap.sol#deposit()` can be front run #48

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

WatchPug

Vulnerability details

https://github.com/Badger-Finance/badger-ibbtc-utility-zaps/blob/6f700995129182fec81b772f97abab9977b46026/contracts/IbbtcVaultZap.sol#L144-L180

function deposit(uint256[4] calldata _amounts) public whenNotPaused {
    // ...
}

IbbtcVaultZap.sol#deposit() will add liquidity to the curve pool, and the amount out differs when the price of tokens in the pool changes.

However, the current implementation provides no parameter for slippage control, making it vulnerable to front-run attacks, especially for transactions with rather large volumes.

Recommendation

Consider adding a minAmountOut parameter.
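As an added illustration, not code from the original issue or from the Badger repository (whose deposit body is elided above), the unchecked pattern the finding describes beside the minAmountOut mitigation it recommends; the pool and token interfaces are assumed minimal shapes, not the project's actual ABI:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
// Assumed minimal interfaces (hypothetical, not the project's ABI): a 4-coin
// Curve-style pool whose add_liquidity takes an LP floor and returns LP minted.
interface ICurvePool4 {
    function add_liquidity(uint256[4] calldata amounts, uint256 minMint) external returns (uint256);
}
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function approve(address spender, uint256 amount) external returns (bool);
}
contract SlippageZapExample {
    ICurvePool4 public immutable pool;
    IERC20[4] public tokens;

    constructor(ICurvePool4 _pool, IERC20[4] memory _tokens) {
        pool = _pool;
        tokens = _tokens;
        for (uint256 i = 0; i < 4; i++) {
            _tokens[i].approve(address(_pool), type(uint256).max);
        }
    }

    // Pull the caller's tokens into the zap before depositing them.
    function _pull(uint256[4] calldata _amounts) internal {
        for (uint256 i = 0; i < 4; i++) {
            if (_amounts[i] > 0) {
                require(tokens[i].transferFrom(msg.sender, address(this), _amounts[i]), "transfer failed");
            }
        }
    }

    // BEFORE (the pattern the finding describes): no caller-supplied floor, so
    // whatever the pool mints at inclusion time is accepted; a large deposit can
    // be sandwiched and receive fewer LP tokens than the off-chain quote.
    function depositUnchecked(uint256[4] calldata _amounts) external returns (uint256 lpOut) {
        _pull(_amounts);
        lpOut = pool.add_liquidity(_amounts, 0);
    }

    // AFTER (the recommended mitigation): the caller states the floor. The pool
    // enforces it, and the explicit check keeps the guarantee even if a pool
    // implementation ignores its minMint argument.
    function deposit(uint256[4] calldata _amounts, uint256 _minOut) external returns (uint256 lpOut) {
        _pull(_amounts);
        lpOut = pool.add_liquidity(_amounts, _minOut);
        require(lpOut >= _minOut, "slippage exceeded");
    }
}
```

The caller computes _minOut off-chain from the pool's quoted LP amount minus an accepted tolerance, so a transaction whose price moved beyond that tolerance before inclusion reverts instead of accepting the worse rate.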

GalloDaSballo commented 2 years ago

Agree with the finding; we have mitigated it by adding a slippage check, minOut.

0xleastwood commented 2 years ago

duplicate of #71