Lines of code
https://github.com/Badger-Finance/vested-aura/blob/v0.0.2/contracts/MyStrategy.sol#L257-L275
Vulnerability details
As a result, the swaps can execute at a manipulated price, and the strategy receives fewer tokens than the current market price would yield.
Severity is set to medium: the impact is a partial loss of funds, conditional only on the swapped amount being large enough to make the attack worthwhile. Sandwich attacks are common and can be expected to occur almost every time they are economically viable.
Proof of Concept
There is no slippage control of any kind in reward token swapping:
https://github.com/Badger-Finance/vested-aura/blob/v0.0.2/contracts/MyStrategy.sol#L257-L275
Recommended Mitigation Steps
Consider adding a slippage argument to `_harvest`, so it can be tuned each time according to the current market conditions.