The _convert function reverts if neither fromToken nor toToken is the quoteToken.
Summary
Vulnerability Detail
When the fromToken (the token being sold) is the quoteToken. In this case, it directly calculates the amount of toToken (the token being bought) based on the price of toToken in terms of the quoteToken.
When the toToken (the token being bought) is the quoteToken. In this case, it directly calculates the amount of toToken based on the price of fromToken in terms of the quoteToken.
However, the function does not handle the case where neither the fromToken nor the toToken is the quoteToken. In other words, if you're trying to swap Token A for Token B, and neither of these tokens is the quoteToken, the function will revert because it doesn't know how to handle this scenario.
Impact
The impact of the _convert function reverting when neither fromToken nor toToken is the quoteToken is that it limits the types of token swaps that can be performed.
yy
medium
The
_convert
function reverts if neitherfromToken
nortoToken
is the quoteToken.Summary
Vulnerability Detail
When the fromToken (the token being sold) is the quoteToken. In this case, it directly calculates the amount of toToken (the token being bought) based on the price of toToken in terms of the quoteToken.
When the toToken (the token being bought) is the quoteToken. In this case, it directly calculates the amount of toToken based on the price of fromToken in terms of the quoteToken.
However, the function does not handle the case where neither the fromToken nor the toToken is the quoteToken. In other words, if you're trying to swap Token A for Token B, and neither of these tokens is the quoteToken, the function will revert because it doesn't know how to handle this scenario.
Impact
The impact of the _convert function reverting when neither fromToken nor toToken is the quoteToken is that it limits the types of token swaps that can be performed.
Code Snippet
https://github.com/sherlock-audit/2023-04-unitasprotocol/blob/main/Unitas-Protocol/src/SwapFunctions.sol#L173
Tool used
Manual Review
Recommendation
Add a conversion path that handles the case where neither fromToken nor toToken is the quoteToken.