The logic for selecting the fee_rate may not accurately reflect the intended fee structure, especially when swapping between base tokens and quote tokens.
Vulnerability Detail
When swapping from the quote token to a base token, the fee rate should typically be taken from the pool associated with the base token being received.
When swapping from a base token to the quote token, the fee rate should come from the pool of the base token being sold.
The current logic may apply the wrong fee rate or an inconsistent fee rate, especially when swapping between two base tokens.
Zesty Sage Tapir
Medium
Incorrect Fee Rate Selection
Summary
The logic for selecting the
fee_ratemay not accurately reflect the intended fee structure, especially when swapping between base tokens and quote tokens.Vulnerability Detail
When swapping from the quote token to a base token, the fee rate should typically be taken from the pool associated with the base token being received. When swapping from a base token to the quote token, the fee rate should come from the pool of the base token being sold. The current logic may apply the wrong fee rate or an inconsistent fee rate, especially when swapping between two base tokens.
Impact
Code Snippet
https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/woofi/src/instructions/query.rs#L86
Tool used
Manual Review
Recommendation