Closed c4-bot-7 closed 1 month ago
https://github.com/code-423n4/2024-08-superposition/blob/4528c9d2dbe1550d2660dac903a8246076044905/pkg/seawater/src/lib.rs#L902-L909
Users can modify their liquidity from:
However update_position is the only one of them that has no slippage protection.
pub fn update_position_C_7_F_1_F_740( &mut self, pool: Address, id: U256, delta: i128, ) -> Result<(I256, I256), Revert> { self.update_position_internal(pool, id, delta, None) }
Eyes
Add slippage protection in update_position_C_7_F_1_F_740.
update_position_C_7_F_1_F_740
Other
Withdrawn by 0x1771
Lines of code
https://github.com/code-423n4/2024-08-superposition/blob/4528c9d2dbe1550d2660dac903a8246076044905/pkg/seawater/src/lib.rs#L902-L909
Vulnerability details
Proof of Concept
Users can modify their liquidity from:
However update_position is the only one of them that has no slippage protection.
Tools Used
Eyes
Recommended Mitigation Steps
Add slippage protection in
update_position_C_7_F_1_F_740
.Assessed type
Other