Potential Risk of Unchecked Slippage Guard in _sellStakedUSDe
Summary
The _sellStakedUSDe function facilitates the exchange of staked USDe tokens (sUSDe) for DAI and subsequently for another token. However, it lacks a proper slippage guard when trading sUSDe to DAI, potentially exposing users to adverse price movements.
Vulnerability Detail
The function _sellStakedUSDe executes two trades sequentially: first from sUSDe to DAI and then potentially from DAI to another token (borrowToken). The initial trade from sUSDe to DAI lacks a slippage guard, which ensures that the trade executes within an acceptable price range relative to the expected rate.
Loss of Value: Without a slippage guard, the trade from sUSDe to DAI could execute at a significantly worse rate during volatile market conditions, resulting in financial losses for users.
Arbitrage Exploitation: Malicious actors could exploit price discrepancies between exchanges or during market fluctuations, potentially manipulating the trade execution to their advantage.
Impact
Alice has 100 sUSDe tokens.
Bob intends to exchange DAI for another token using _sellStakedUSDe.
Alice calls _sellStakedUSDe with sUSDeAmount = 100, borrowToken = TokenX, and minPurchaseAmount = 0.
The function executes the trade from sUSDe to DAI without checking slippage.
Malicious Bob monitors the transaction and front-runs Alice by manipulating the DAI exchange rate during the trade execution.
Due to the absence of a slippage guard, Alice receives fewer DAI tokens than expected.
Bob profits from the manipulated trade, exploiting Alice's transaction without proper price protection.
Implement a slippage guard in the _sellStakedUSDe function to ensure trades from sUSDe to DAI execute within an acceptable price range. This will safeguard users against adverse market conditions and potential arbitrage exploits.
0xrobsol
Medium
Potential Risk of Unchecked Slippage Guard in _sellStakedUSDe
Summary
The _sellStakedUSDe function facilitates the exchange of staked USDe tokens (sUSDe) for DAI and subsequently for another token. However, it lacks a proper slippage guard when trading sUSDe to DAI, potentially exposing users to adverse price movements.
Vulnerability Detail
The function _sellStakedUSDe executes two trades sequentially: first from sUSDe to DAI and then potentially from DAI to another token (borrowToken). The initial trade from sUSDe to DAI lacks a slippage guard, which ensures that the trade executes within an acceptable price range relative to the expected rate.
Impact
Due to the absence of a slippage guard, Alice receives fewer DAI tokens than expected. Bob profits from the manipulated trade, exploiting Alice's transaction without proper price protection.
Code Snippet
https://github.com/sherlock-audit/2024-06-leveraged-vaults/blob/main/leveraged-vaults-private/contracts/vaults/staking/protocols/Ethena.sol#L136
Tool used
Manual Review
Recommendation
Implement a slippage guard in the _sellStakedUSDe function to ensure trades from sUSDe to DAI execute within an acceptable price range. This will safeguard users against adverse market conditions and potential arbitrage exploits.
Duplicate of #18