Open code423n4 opened 1 year ago
141345 marked the issue as low quality report
141345 marked the issue as duplicate of #163
alcueca changed the severity to QA (Quality Assurance)
alcueca marked the issue as selected for report
alcueca marked the issue as grade-a
alcueca marked the issue as not selected for report
Lines of code
https://github.com/code-423n4/2023-07-basin/blob/main/src/functions/ConstantProduct2.sol#L49
https://github.com/code-423n4/2023-07-basin/blob/main/src/functions/ConstantProduct2.sol#L58
https://github.com/code-423n4/2023-07-basin/blob/main/src/functions/ConstantProduct2.sol#L79
https://github.com/code-423n4/2023-07-basin/blob/main/src/functions/ConstantProduct2.sol#L92
Vulnerability details
Impact
Although the contract ConstantProduct2 is designed to work with Wells of 2 tokens, it does not enforce that anywhere, which allows it to be used with multi-token Wells.
Proof of Concept
In that scenario, regardless of which tokens are being traded, the contract always computes its result from the first 2 reserves only, which can lead to incorrect values and broken invariants.
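The following is an added illustration, not code from the Basin repository: a constructed, simplified Python model of a two-token constant-product well function (LP supply = sqrt(reserves[0] * reserves[1])) that, like the reported defect, only ever reads the first two reserves, shown beside a hardened variant that rejects any reserve array whose length is not 2. Function names and the sample reserves are assumptions made for the example.

```python
import math


# Constructed model (not the project's code): LP supply for a 2-token well is
# the integer square root of the product of its two reserves.
def calc_lp_token_supply_unchecked(reserves):
    # Defect being modelled: the third and later reserves are silently ignored.
    return math.isqrt(reserves[0] * reserves[1])


# Constructed model: solve for reserve j so the invariant holds for a given
# LP supply. Only slots 0 and 1 are consulted, so any j >= 2 is mishandled.
def calc_reserve_unchecked(reserves, j, lp_token_supply):
    other = reserves[1] if j == 0 else reserves[0]
    return (lp_token_supply * lp_token_supply) // other


# Hardened variants: enforce the two-token assumption up front, which is the
# mitigation the report recommends (require reserves.length == 2).
def calc_lp_token_supply(reserves):
    if len(reserves) != 2:
        raise ValueError("ConstantProduct2 supports exactly 2 reserves")
    return calc_lp_token_supply_unchecked(reserves)


def calc_reserve(reserves, j, lp_token_supply):
    if len(reserves) != 2 or j not in (0, 1):
        raise ValueError("ConstantProduct2 supports exactly 2 reserves")
    return calc_reserve_unchecked(reserves, j, lp_token_supply)


def third_reserve_is_ignored(reserves):
    """True when a 3-token reserve array yields the same LP supply as its
    first two entries alone, i.e. the extra reserve has no effect."""
    return calc_lp_token_supply_unchecked(reserves) == \
        calc_lp_token_supply_unchecked(reserves[:2])


if __name__ == "__main__":
    three_token = [100, 400, 900]  # constructed reserves of a 3-token Well
    print(third_reserve_is_ignored(three_token))                 # True
    # Asking for reserve index 2 returns a value derived from slot 0 only.
    print(calc_reserve_unchecked(three_token, 2, 200))           # 400, not 900
    try:
        calc_lp_token_supply(three_token)
    except ValueError as exc:
        print("hardened version rejected the call:", exc)
```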
Tools Used
Manual review
Recommended Mitigation Steps
Add a require statement that enforces reserves.length == 2.
Assessed type
Invalid Validation