In the original implementation, the first liquidity provider could suffer a loss on their deposited tokens by a front-run attack becuase slippage protection is ineffective for the first addLiquidity() transaction.
Mitigation
commit 0bb763c
in Pools#addLiquidity(), minAddedAmountA and minAddedAmountB are introduced to ensure that the amounts of deposited tokens must not be less than these values.
The original issue was resolved.
Lines of code
Vulnerability details
Comments
In the original implementation, the first liquidity provider could suffer a loss on their deposited tokens by a front-run attack becuase slippage protection is ineffective for the first
addLiquidity()
transaction.Mitigation
commit 0bb763c in
Pools#addLiquidity()
,minAddedAmountA
andminAddedAmountB
are introduced to ensure that the amounts of deposited tokens must not be less than these values. The original issue was resolved.Conclusion
Confirmed