If the swap doesn't meet the slippage tolerance, the function will still continue executing. This could lead to the contract holding less tokenA than expected, which could affect the subsequent addLiquidity call and the final balances of the AMO and rdpxV2Core.
Proof of Concept
Exploit Scenario: If the swap doesn't meet the slippage tolerance, the function will still continue executing, potentially leading to the contract holding less tokenA than expected.
Tools Used
Foundry
Recommended Mitigation Steps
Add a require statement after the swap to check if the amount of tokenA received is greater than or equal to the minimum amount expected. This will immediately revert the transaction if the swap didn't meet the slippage tolerance, preventing the function from continuing with less tokenA than expected.
require(tokenAAmountOut >= mintokenAAmount, "reLPContract: swap amount less than expected");
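The check recommended above, as an added example that is not code from the audited repository. It goes one step beyond the one-line require by measuring the tokenA balance delta instead of relying only on the amount the swap call reports. The `ISwapVenue` interface, `IERC20Like`, the contract name and the function name are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added example. Every interface and name here is hypothetical, not the project's.
interface IERC20Like {
    function balanceOf(address account) external view returns (uint256);
    function approve(address spender, uint256 amount) external returns (bool);
}

// Hypothetical swap venue that returns the amount of tokenOut it claims to have sent.
interface ISwapVenue {
    function swap(address tokenIn, address tokenOut, uint256 amountIn, address to)
        external
        returns (uint256 amountOut);
}

contract SlippageCheckedSwap {
    IERC20Like public immutable tokenA;
    IERC20Like public immutable tokenB;
    ISwapVenue public immutable venue;

    constructor(IERC20Like _tokenA, IERC20Like _tokenB, ISwapVenue _venue) {
        tokenA = _tokenA;
        tokenB = _tokenB;
        venue = _venue;
    }

    /// Swaps tokenB for tokenA and reverts unless at least minTokenAAmount arrived.
    /// Internal: an access-controlled caller would run this before adding liquidity.
    function _swapBForA(uint256 tokenBAmount, uint256 minTokenAAmount)
        internal
        returns (uint256 received)
    {
        uint256 balanceBefore = tokenA.balanceOf(address(this));

        require(tokenB.approve(address(venue), tokenBAmount), "approve failed");
        uint256 reported =
            venue.swap(address(tokenB), address(tokenA), tokenBAmount, address(this));

        // Balance delta: holds even if the venue misreports its output.
        // Checked arithmetic in 0.8.x reverts if the balance went down.
        received = tokenA.balanceOf(address(this)) - balanceBefore;

        // The mitigation's check: revert here, before any liquidity is added.
        require(received >= minTokenAAmount, "swap amount less than expected");
        require(reported >= minTokenAAmount, "reported amount less than expected");
    }
}
```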
Lines of code
https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/reLP/ReLPContract.sol#L277
Assessed type
Invalid Validation