increaseLiquidity/decreaseLiquidity Lack of slippage protection #29
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-2
satisfactory
satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2023-12-particle/blob/a3af40839b24aa13f5764d4f84933dbfa8bc8134/contracts/protocol/ParticlePositionManager.sol#L118
https://github.com/code-423n4/2023-12-particle/blob/a3af40839b24aa13f5764d4f84933dbfa8bc8134/contracts/protocol/ParticlePositionManager.sol#L127
Vulnerability details
Vulnerability details
In
ParticlePositionManager.mint()
, there is slippage protection byparams.amount0Min / params.amount1Min
But in
increaseLiquidity()
,pool.mint()
will also be executedThere is no slippage protection
It is recommended to add slippage protection to avoid
LP
lossesNote:
decreaseLiquidity()
has a similar problemImpact
Lack of slippage protection in increaseLiquidity/decreaseLiquidity
Recommended Mitigation
Assessed type
Uniswap
The text was updated successfully, but these errors were encountered: