Closed c4-submissions closed 9 months ago
0xleastwood marked the issue as duplicate of #39
0xleastwood marked the issue as duplicate of #23
0xleastwood marked the issue as partial-25
Only covers 1/3 of the edge cases outlined in the primary issue.
Lines of code
https://github.com/code-423n4/2023-09-asymmetry/blob/main/contracts/strategies/votium/VotiumStrategyCore.sol#L292-L294
Vulnerability details
Impact
VotiumStrategyCore.applyRewards can be sandwiched, so users' rewards will be lost.
Proof of Concept
VotiumStrategyCore.applyRewards will be used in order to swap all rewards to ETH and then distribute ETH to the safEth or vEth. The problem here is that the sellCvx function doesn't have slippage protection, which means that an attacker can sandwich this function call and make the contract lose funds during the swap. Please note that AfEth.depositRewards also can't protect from this.
Tools Used
VsCode
Recommended Mitigation Steps
Deal with slippage when you call the sellCvx function.
Assessed type
Error
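The following is an added illustration, not code from the report or from the Asymmetry contracts: a small model of a swap with and without a minimum-output check, showing the guard the recommended mitigation asks for. It assumes a fee-less constant-product pool (the report does not say which pool sellCvx trades against); the pool sizes, amounts, and the min_eth_out and tolerance parameters are constructed for the example.

```python
class SlippageExceeded(Exception):
    """Stands in for an on-chain revert."""

class Pool:
    """Fee-less constant-product pool (x * y = k) using integer math."""
    def __init__(self, cvx, eth):
        self.cvx, self.eth = cvx, eth

    def sell_cvx(self, cvx_in, min_eth_out=0):
        eth_out = self.eth * cvx_in // (self.cvx + cvx_in)
        # The guard the report says is missing: with min_eth_out == 0
        # the swap accepts whatever price the pool offers at execution.
        if eth_out < min_eth_out:
            raise SlippageExceeded(f"got {eth_out}, need >= {min_eth_out}")
        self.cvx += cvx_in
        self.eth -= eth_out
        return eth_out

REWARD_CVX = 10_000  # constructed reward amount being sold

def min_eth_out_for(expected_out, tolerance_bps):
    """Floor derived from a quote taken outside the swap transaction.

    Reading the pool's spot price inside the same transaction would
    return the already-moved price, so the floor must come from the
    caller or from an independent price source.
    """
    return expected_out * (10_000 - tolerance_bps) // 10_000

def run(min_eth_out, prior_cvx_sale=0):
    """Sell REWARD_CVX, optionally after another trade has moved the price."""
    pool = Pool(cvx=1_000_000, eth=1_000_000)  # constructed reserves
    if prior_cvx_sale:
        pool.sell_cvx(prior_cvx_sale)
    return pool.sell_cvx(REWARD_CVX, min_eth_out)

if __name__ == "__main__":
    fair = run(0)
    floor = min_eth_out_for(fair, 100)  # 1% tolerance
    print("undisturbed pool:", fair)
    print("no floor, price moved first:", run(0, 100_000))
    try:
        run(floor, 100_000)
    except SlippageExceeded as exc:
        print("floor set, price moved first: reverted,", exc)
```

With a zero floor the sale executes at the moved price and returns less ETH; with a floor derived from the undisturbed quote, the same sale reverts and the rewards stay in the contract.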