The contract should have already granted an allowance of at least minamountOfWeth for the input token. This step is missing during the UniswapV2Router call within the lowerDepeg function.
// @audit msg.sender should have already given the router an allowance of at least amountIn on the input token.
amountOfWethOut = IUniswapV2Router(addresses.dopexAMMRouter)
.swapExactTokensForTokens(
_rdpxAmount,
minamountOfWeth,
path,
address(this),
block.timestamp + 10
)[path.length - 1];
The router cannot swap the tokens. This approval is missing in the setAddresses function, where all other approvals are made.
Tools Used
Mannual Review
Recommended Mitigation Steps
Approve at least minamountOfWeth tokens for the Router to spend before executing the swap functions.
Lines of code
https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/core/RdpxV2Core.sol#L1097
Vulnerability details
Impact
The contract should have already granted an allowance of at least
minamountOfWeth
for the input token. This step is missing during theUniswapV2Router
call within thelowerDepeg
function.The router cannot swap the tokens. This approval is missing in the
setAddresses
function, where all other approvals are made.Tools Used
Mannual Review
Recommended Mitigation Steps
Approve at least
minamountOfWeth
tokens for the Router to spend before executing the swap functions.Assessed type
Uniswap