code-423n4 / 2023-08-dopex-findings


Missed approving to UniswapV2Router #2181

Closed code423n4 closed 11 months ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/core/RdpxV2Core.sol#L1097

Vulnerability details

Impact

The contract should have already granted an allowance of at least minamountOfWeth for the input token. This step is missing during the UniswapV2Router call within the lowerDepeg function.

      // @audit msg.sender should have already given the router an allowance of at least amountIn on the input token.

      amountOfWethOut = IUniswapV2Router(addresses.dopexAMMRouter)
        .swapExactTokensForTokens(
          _rdpxAmount,
          minamountOfWeth,
          path,
          address(this),
          block.timestamp + 10
        )[path.length - 1];

The router cannot swap the tokens. This approval is missing in the setAddresses function, where all other approvals are made.

Tools Used

Manual Review

Recommended Mitigation Steps

Approve at least minamountOfWeth tokens for the Router to spend before executing the swap functions.

Assessed type

Uniswap

bytes032 commented 11 months ago

It has max approval

c4-pre-sort commented 11 months ago

bytes032 marked the issue as low quality report

GalloDaSballo commented 11 months ago

https://github.com/code-423n4/2023-08-dopex/blob/eb4d4a201b3a75dd4bddc74a34e9c42c71d0d12f/contracts/core/RdpxV2Core.sol#L343-L344

c4-judge commented 11 months ago

GalloDaSballo marked the issue as unsatisfactory: Invalid
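The allowance question this thread turns on, as an added example that is not code from the contest repository or from any commenter: a small Python model of ERC-20 `transferFrom` and a router that pulls `amountIn` from its caller, comparing a caller with no approval against one that set a one-time max approval during setup. All class and account names are hypothetical; it assumes the input token is rDPX (from the `_rdpxAmount` argument) and that the token leaves a max allowance undecremented, as OpenZeppelin-style ERC-20s do.

```python
# Constructed model of ERC-20 allowance semantics; every name here is hypothetical.
MAX_UINT256 = 2**256 - 1
class Revert(Exception): pass

class Token:
    def __init__(self):
        self.balance, self.allowance = {}, {}  # allowance: (owner, spender) -> amount

    def approve(self, owner, spender, amount):
        self.allowance[(owner, spender)] = amount

    def transfer_from(self, spender, owner, to, amount):
        allowed = self.allowance.get((owner, spender), 0)
        if allowed < amount:
            raise Revert("insufficient allowance")
        if self.balance.get(owner, 0) < amount:
            raise Revert("insufficient balance")
        if allowed != MAX_UINT256:  # assumption: max allowance is never decremented
            self.allowance[(owner, spender)] = allowed - amount
        self.balance[owner] -= amount
        self.balance[to] = self.balance.get(to, 0) + amount

class Router:
    """Pulls amount_in from the caller, as swapExactTokensForTokens does."""
    def __init__(self, token_in, token_out, reserve_in, reserve_out):
        self.t_in, self.t_out = token_in, token_out
        self.r_in, self.r_out = reserve_in, reserve_out

    def swap_exact_tokens_for_tokens(self, caller, amount_in, min_out):
        fee_in = amount_in * 997  # 0.3% fee, constant-product pricing
        out = fee_in * self.r_out // (self.r_in * 1000 + fee_in)
        if out < min_out:
            raise Revert("insufficient output amount")
        self.t_in.transfer_from("router", caller, "pair", amount_in)
        self.t_out.balance[caller] = self.t_out.balance.get(caller, 0) + out
        self.r_in, self.r_out = self.r_in + amount_in, self.r_out - out
        return out

def run_swaps(approve_in_setup, swaps=3, amount_in=1_000):
    rdpx, weth = Token(), Token()
    rdpx.balance["core"] = 10_000
    router = Router(rdpx, weth, 1_000_000, 1_000_000)
    if approve_in_setup:  # one-time max approval, as in a setAddresses-style setup
        rdpx.approve("core", "router", MAX_UINT256)
    try:
        outs = [router.swap_exact_tokens_for_tokens("core", amount_in, 1) for _ in range(swaps)]
    except Revert as exc:
        return str(exc), rdpx.allowance.get(("core", "router"), 0)
    return outs, rdpx.allowance[("core", "router")]
```

When triaging a "missing approval" report, the equivalent check is to read the setup function for an existing approval on the swap's input token before accepting that the call would revert.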