search

sherlock-audit / 2024-08-cork-protocol-judging

2 stars 2 forks source link

ivanonchain - The absence of slippage protection can result in users receiving fewer tokens than expected when removing liquidity. #237

Closed sherlock-admin2 closed 2 months ago

sherlock-admin2 commented 2 months ago

ivanonchain

High

The absence of slippage protection can result in users receiving fewer tokens than expected when removing liquidity.

Summary

The VaultLib.sol::__liquidateUnchecked() function call UniswapV2Router02.sol::removeLiquidity() function without providing amountAMin and amountBMin to protect the transaction from slippage attacks

https://github.com/sherlock-audit/2024-08-cork-protocol/blob/main/Depeg-swap/contracts/libraries/VaultLib.sol#L282

Vulnerability Detail

There is a comment above the call that says: amountAMin & amountBMin = 0 for 100% tolerance. Indeed, the absence of slippage protection provides 100% tolerance to avoid DOS when removing liquidity, and also opens the door to front-running attacks that result in users receiving less funds than they expect.

Impact

Users receiving less funds than they expect.

Tool used

Manual Review

Recommendation

Users should have the option to provided the minimum amount of tokens expected when are removing liquidity.

sherlock-admin3 commented 2 months ago

1 comment(s) were left on this issue during the judging contest.

tsvetanovv commented:

This is a Library function and has no impact. As written there is no problem. You should have specified which functions in the protocol call this function to get some impact.