search

code-423n4 / 2024-03-saltyio-mitigation-findings

0 stars 0 forks source link

E-04 MitigationConfirmed #117

Closed c4-bot-4 closed 8 months ago

c4-bot-4 commented 8 months ago

Lines of code

Vulnerability details

Additional Scope Issue

https://github.com/othernet-global/salty-io/commit/6998661013e86a50c7db552d189fadb0521dbeb0

Comments

The commit above primarily added a modified version of _adjustReservesForSwap to use when conducting arbitrage prevent reverts with zero SALT/WETH liquidity. its called adjustReservesForSwapNoRevert. Please note that this function has been subsequently deprecated and replaced with similar logic as so:

        // Only swap for SALT with sufficient reserves
    if ( ( reserves.reserve0 > PoolUtils.DUST ) && ( reserves.reserve1 > PoolUtils.DUST ) )
        {
        uint256 saltOut = _adjustReservesForSwap(reserves, flipped, arbitrageProfit);

essentially now the adjustments checks beforehand if reserves are sufficient to avoid the revert. the relevant commit for this change is :

https://github.com/othernet-global/salty-io/commit/75901cae57382a87b5f049d7afb9c5d9b9ba4c19

Please note that the Utils.sol helper function was also modified as part of this commit, it primarily provides efficiency functions called from the Web3 UI.

Conclusion

LGTM

liveactionllama commented 8 months ago

Updating the ID label here, simply for consistency across all warden submissions.

c4-judge commented 8 months ago

Picodes marked the issue as nullified