search

sherlock-audit / 2024-11-telcoin-judging

0 stars 0 forks source link

hard1k - In `AmirX.sol` the `swap` function will lead to exexpected behaviour when directional = false due to wrong implementation #209

Open sherlock-admin2 opened 1 week ago

sherlock-admin2 commented 1 week ago

hard1k

High

In AmirX.sol the swap function will lead to exexpected behaviour when directional = false due to wrong implementation

Summary

In the swap function is used for performing and handling both stableCoin swaps and defiSwaps. but the function is implemented like, the validations for both the swaps are happening here in starting of the function. the issue here is that when the directional flag is set to false- not directional the validations are not performed for the swaps as can be seen here due to this the function will try to execute swaps without the modifier for the stableCoinSwap and the other validations which are necassary for executing these swaps. This can cause or lead unexpected behaviour in the function because without the input validations the function might try to execute with 0 values altogether. That being said: As we can see that the the function is permissioned to the SWAPPER_ROLE only. even then there are some inputs in the struct that are passed by the users itself. For Example - the ss.origin token, i.e is swapIn token, target token i.e the swapOut token along with the amounts.

Root Cause

Incorrect implementation in the swap function

Internal pre-conditions

No response

External pre-conditions

when the direction flag is set to false

Attack Path

No response

Impact

The swap function will cause problems in case of directional = false due to no input validation at all.

PoC

https://github.com/sherlock-audit/2024-11-telcoin/blob/main/telcoin-audit/contracts/swap/AmirX.sol#L73C1-L103C1

        } else {
            // if stablecoin swap
            _stablecoinSwap(wallet, ss);
            // if only stablecoin swap
            if (defi.walletData.length != 0) _defiSwap(wallet, defi);
        }
    }

Mitigation

Add the required validations for both the swaps before the execution.

        } else {
            // if stablecoin swap
      +    _verifyStablecoinSwap(wallet, ss);
            _stablecoinSwap(wallet, ss);
            // if only stablecoin swap
      +     _verifyDefiSwap(wallet, defi);
            if (defi.walletData.length != 0) _defiSwap(wallet, defi);
        }
    }