Closed sherlock-admin2 closed 7 months ago
Afriaudit
high
Potential price manipulation because amount In was represented as IERC20(wrappedTokenIn).balanceOf(address(this)), in JalaMasterRouter:swapExactTokensForTokens A malicious user can manipulate price by sending wrappedtoken obtained from dust to J
amount
JalaMasterRouter:swapExactTokensForTokens
aaffect price accuracy
Manual Review
use amountin ** getdecimals
Invalid, seemingly duplicate of #, but insufficient vulernability description and proof.
Afriaudit
high
User could potentially manipulate market price
Summary
Potential price manipulation because
amount
In was represented as IERC20(wrappedTokenIn).balanceOf(address(this)), inJalaMasterRouter:swapExactTokensForTokens
A malicious user can manipulate price by sending wrappedtoken obtained from dust to JImpact
aaffect price accuracy
Code Snippet
Tool used
Manual Review
Recommendation
use amountin ** getdecimals