Closed sherlock-admin3 closed 3 months ago
3 comment(s) were left on this issue during the judging contest.
z3s commented:
Invalid; when it reverts, other changes revert too.
DHTNS commented:
Invalid -> code works as intended and slippage checks are fine
_karanel commented:
function is correct as described in natspec for params
air_0x
high
Ineffective slippage check due to incorrect order of operations in the panic() function.
Summary
The function panic() in the StrategyPassiveManagerVelodrome contract handles situations by claiming earnings, removing liquidity, removing allowances, and pausing the contract. However, the order of operations within the function can cause the slippage check to be ineffective, allowing critical actions to be executed even if slippage conditions are not met.
Vulnerability Detail
The issue arises from the placement of the slippage check after the _claimEarnings(), _removeLiquidity(), _removeAllowances(), and _pause() calls. This sequence means that the function performs these actions before verifying if the balance conditions _minAmount0 and _minAmount1 are satisfied.
Below is the panic() function:
As you can see, the slippage check occurs after critical operations.
Code Snippet
https://github.com/sherlock-audit/2024-05-beefy-cowcentrated-liquidity-manager/blob/main/cowcentrated-contracts/contracts/strategies/velodrome/StrategyPassiveManagerVelodrome.sol#L807
Impact
If the balances of bal0 and bal1 are below the specified minimum amounts _minAmount0 and _minAmount1, since the slippage check occurs after critical operations, these actions may still execute, leading to undesirable consequences such as incomplete or incorrect state changes.
Tool used
Manual Review
Recommendation
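The judging comments on this issue say that when the check reverts, the other changes revert too. The Solidity sketch below shows that behaviour with a minimum-amount check placed after the state changes; it is an added example, not part of the original report or the Beefy contracts, and ToyStrategy, AtomicityCheck, the revert string and the amounts are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical, simplified stand-in for a strategy. Names and amounts are
// constructed for illustration and are not the Beefy contract.
contract ToyStrategy {
    uint256 public liquidity = 100; // pretend position held in the pool
    uint256 public bal0;            // idle token0 held by the strategy
    bool public paused;

    // Ordering as the report describes it: state changes first, minimum check last.
    function panic(uint256 minAmount0) external {
        bal0 += liquidity; // "remove liquidity": position becomes idle balance
        liquidity = 0;
        paused = true;     // "pause"
        require(bal0 >= minAmount0, "min amount not met");
    }
}

contract AtomicityCheck {
    // Returns true when a failed panic() left no trace in the strategy's storage.
    function failedPanicLeavesStateUntouched() external returns (bool) {
        ToyStrategy s = new ToyStrategy();
        try s.panic(101) {
            return false; // not reached: 100 < 101, so the require fails
        } catch {
            // The revert rolled back every write made inside panic().
            return s.liquidity() == 100 && s.bal0() == 0 && !s.paused();
        }
    }

    // Returns true when a panic() whose minimum is met commits all of its writes.
    function successfulPanicCommits() external returns (bool) {
        ToyStrategy s = new ToyStrategy();
        s.panic(100);
        return s.liquidity() == 0 && s.bal0() == 100 && s.paused();
    }
}
```

Both functions in AtomicityCheck return true: a failing require at the end of the call undoes the liquidity, balance and pause writes made earlier in the same call.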