search

sherlock-audit / 2023-12-flatmoney-judging

9 stars 7 forks source link

Afriauditor - make if (quotedAmount < minAmountOut) in delayedorder:announceStableDeposit (quotedAmount <= minAmountOut) #289

Closed sherlock-admin closed 5 months ago

sherlock-admin commented 5 months ago

Afriauditor

medium

make if (quotedAmount < minAmountOut) in delayedorder:announceStableDeposit (quotedAmount <= minAmountOut)

Summary

make if (quotedAmount < minAmountOut) in delayedorder:announceStableDeposit (quotedAmount <= minAmountOut)

Vulnerability Detail

this will enable trade execute when price is also exactly at slippage

Impact

Enable trade execution at exactly slippage

Code Snippet

https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/DelayedOrder.sol#L83

Tool used

Manual Review

Recommendation

change < to <=

sherlock-admin commented 5 months ago

1 comment(s) were left on this issue during the judging contest.

takarez commented:

invalid

nevillehuang commented 4 months ago

Invalid, slippage working as intended, the if quotedAmount == minAmountOut, it should not revert.