Leak of Value in yield function, slippage check is not effective #289
Labels: 2 (Med Risk), bug, sponsor confirmed
Lines of code
https://github.com/code-423n4/2022-06-illuminate/blob/912be2a90ded4a557f121fe565d12ec48d0c4684/lender/Lender.sol#L641-L654
Vulnerability details
The function yield is using the input from sellBasePreview and then using it.
https://github.com/code-423n4/2022-06-illuminate/blob/912be2a90ded4a557f121fe565d12ec48d0c4684/lender/Lender.sol#L641-L654
The output of sellBasePreview is meant to be used off-chain to avoid front-running and price changes. Additionally, no validation is performed on this value (is it zero, is it less than 95% of amount), meaning the check is equivalent to setting returned = 0.
I'd recommend adding checks, or ideally have a trusted keeper bulk sellBase with an additional slippage check as the function parameter.
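An added model of the issue described above, not code from the report or from Lender.sol: it compares a minimum-out taken from a preview in the same call with a minimum-out supplied by the caller. The constant-product Pool class, the reserve sizes and the function names other than sell_base / sell_base_preview are assumptions made for illustration.

```python
class SlippageError(Exception):
    pass

class Pool:
    """Constant-product pool (assumption; stands in for the Yield pool)."""
    def __init__(self, base, fy):
        self.base, self.fy = base, fy

    def sell_base_preview(self, amount):
        # Quote computed from the reserves as they are right now.
        return self.fy * amount // (self.base + amount)

    def sell_base(self, amount, min_out):
        out = self.sell_base_preview(amount)
        if out < min_out:
            raise SlippageError(f"{out} < {min_out}")
        self.base += amount
        self.fy -= out
        return out

def yield_onchain_preview(pool, amount):
    # Pattern from the finding: the minimum comes from a preview taken in
    # the same call, so it always equals the output and can never fail.
    returned = pool.sell_base_preview(amount)
    return pool.sell_base(amount, returned)

def yield_with_min(pool, amount, min_out):
    # Recommended pattern: the minimum is a parameter fixed before execution.
    return pool.sell_base(amount, min_out)

def run(price_moving_trade):
    """Return (off-chain quote, output of pattern 1, result of pattern 2)."""
    amount = 10_000  # constructed sample values
    quote = Pool(1_000_000, 1_000_000).sell_base_preview(amount)
    min_out = quote * 95 // 100  # tolerance echoing the 95% figure in the report
    results = []
    for fn in (yield_onchain_preview,
               lambda p, a: yield_with_min(p, a, min_out)):
        pool = Pool(1_000_000, 1_000_000)
        if price_moving_trade:
            pool.sell_base(price_moving_trade, 0)  # price changes before our call
        try:
            results.append(fn(pool, amount))
        except SlippageError:
            results.append("reverted")
    return quote, results[0], results[1]
```

With no intervening trade both patterns return the quoted amount. After a large trade moves the price, the first pattern silently accepts less than half the quote while the second reverts.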