Incorrect slippage protection for sdt/cvgSdt exchange
Summary
Incorrect slippage protection for sdt/cvgSdt exchange in when withdrawing rewards
Vulnerability Detail
The minimum amount required is incorrectly passed as the current expected swap amount instead of input amount when exchanging from sdt to cvgSdt in the _withdrawRewards() function
ICrvPoolPlain _poolCvgSDT = poolCvgSDT;
/// @dev Only swap if the returned amount in CvgSdt is gretear than the amount rewarded in SDT
_poolCvgSDT.exchange(0, 1, rewardAmount, _poolCvgSDT.get_dy(0, 1, rewardAmount), receiver);
Impact
User's who opt to convert sdt to cvgSdt when cliaming rewards will be front-runned causing loss of funds
hash
high
Incorrect slippage protection for sdt/cvgSdt exchange
Summary
Incorrect slippage protection for sdt/cvgSdt exchange in when withdrawing rewards
Vulnerability Detail
The minimum amount required is incorrectly passed as the
current expected swap amountinstead ofinput amountwhen exchanging from sdt to cvgSdt in the_withdrawRewards()functionImpact
User's who opt to convert sdt to cvgSdt when cliaming rewards will be front-runned causing loss of funds
Code Snippet
https://github.com/sherlock-audit/2023-11-convergence/blob/main/sherlock-cvg/contracts/Staking/StakeDAO/SdtRewardReceiver.sol#L233C1-L235
Tool used
Manual Review
Recommendation
Pass rewardAmount instead
Duplicate of #180