code-423n4 / 2023-12-revolutionprotocol-findings


Slippage protection missing #698

Closed c4-bot-1 closed 10 months ago

c4-bot-1 commented 10 months ago

Lines of code

https://github.com/code-423n4/2023-12-revolutionprotocol/blob/main/packages/revolution/src/MaxHeap.sol#L136

Vulnerability details

The MaxHeap contract does not check for slippage when updating item values. This could enable the admin to manipulate asset prices.

Recommendation: Implement slippage protection by adding min/max checks in updateValue():

```diff
 function updateValue(uint256 itemId, uint256 newValue) public onlyAdmin {
+   uint256 oldValue = valueMapping[itemId];
+   uint256 minValue = oldValue - (oldValue * 10 / 100); // 10% slippage allowed
+   uint256 maxValue = oldValue + (oldValue * 10 / 100);

+   require(newValue >= minValue && newValue <= maxValue, "Slippage limit exceeded");

    // Update value mapping
    valueMapping[itemId] = newValue;

    // Maintain max heap property
    // ...
 }
```

Assessed type

Invalid Validation
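Added example, not part of the report above and not code from the Revolution Protocol repository: a small Python max-heap that mirrors the shape of the recommended fix (an `updateValue` that only accepts a new value within +/-10% of the stored one, using Solidity-style integer division) while keeping the heap invariant. The class name, method names and the basis-point parameter are assumptions of this example. Running it shows two properties of such a check that a reviewer would want to weigh: an item whose current value is 0 can never be changed again, and because the bound is relative to the previous value, a sequence of individually permitted updates can still move a value arbitrarily far over time.

```python
class SlippageLimitExceeded(Exception):
    """Raised when a value change exceeds the configured deviation."""


class MaxHeap:
    """Array-backed max-heap of item ids ordered by a per-item value.

    Hypothetical model of the pattern in the report; not the project's code.
    """

    def __init__(self, max_deviation_bps: int = 1000):
        self.heap = []        # item ids, heap-ordered by self.values
        self.positions = {}   # item id -> index in self.heap
        self.values = {}      # item id -> current value (the report's valueMapping)
        self.max_deviation_bps = max_deviation_bps  # 1000 bps == 10%

    # --- heap maintenance -------------------------------------------------
    def _swap(self, i: int, j: int) -> None:
        self.heap[i], self.heap[j] = self.heap[j], self.heap[i]
        self.positions[self.heap[i]] = i
        self.positions[self.heap[j]] = j

    def _sift_up(self, i: int) -> None:
        while i > 0:
            parent = (i - 1) // 2
            if self.values[self.heap[i]] <= self.values[self.heap[parent]]:
                break
            self._swap(i, parent)
            i = parent

    def _sift_down(self, i: int) -> None:
        n = len(self.heap)
        while True:
            largest, left, right = i, 2 * i + 1, 2 * i + 2
            if left < n and self.values[self.heap[left]] > self.values[self.heap[largest]]:
                largest = left
            if right < n and self.values[self.heap[right]] > self.values[self.heap[largest]]:
                largest = right
            if largest == i:
                return
            self._swap(i, largest)
            i = largest

    # --- public API -------------------------------------------------------
    def insert(self, item_id: int, value: int) -> None:
        if item_id in self.values:
            raise ValueError("item already present")
        self.values[item_id] = value
        self.heap.append(item_id)
        self.positions[item_id] = len(self.heap) - 1
        self._sift_up(self.positions[item_id])

    def bounds(self, item_id: int) -> tuple:
        """Allowed [min, max] for the next update: oldValue +/- 10%,
        computed with integer division exactly as the Solidity snippet does."""
        old = self.values[item_id]
        delta = old * self.max_deviation_bps // 10_000
        return old - delta, old + delta

    def update_value(self, item_id: int, new_value: int) -> None:
        """Equivalent of the recommended updateValue(): reject out-of-band
        changes, then restore the heap property around the touched slot."""
        lo, hi = self.bounds(item_id)
        if not (lo <= new_value <= hi):
            raise SlippageLimitExceeded(f"{new_value} outside [{lo}, {hi}]")
        old = self.values[item_id]
        self.values[item_id] = new_value
        pos = self.positions[item_id]
        if new_value > old:
            self._sift_up(pos)
        else:
            self._sift_down(pos)

    def peek(self) -> tuple:
        """(item id, value) of the current maximum."""
        top = self.heap[0]
        return top, self.values[top]

    def is_valid(self) -> bool:
        """Invariant check used by the tests: every parent >= its children."""
        for i in range(1, len(self.heap)):
            if self.values[self.heap[i]] > self.values[self.heap[(i - 1) // 2]]:
                return False
        return True


if __name__ == "__main__":
    h = MaxHeap()
    for item, value in [(1, 100), (2, 200), (3, 150)]:   # constructed sample data
        h.insert(item, value)
    h.update_value(2, 180)   # allowed: within 10% of 200
    h.update_value(2, 162)   # allowed again: within 10% of 180, so the cap drifts
    print(h.peek(), h.is_valid())
```

The drift in the `__main__` block is the point to take from the example: a bound relative to the previous value limits the size of each step, not the distance travelled, so it does not by itself prevent an admin from reaching any target value given enough updates.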

c4-pre-sort commented 10 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 10 months ago

raymondfam marked the issue as duplicate of #686

c4-judge commented 9 months ago

MarioPoneder marked the issue as unsatisfactory: Insufficient proof