You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jun 2, 2024. It is now read-only.
sherlock-admin opened this issue
Nov 29, 2023
· 0 comments
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
SdtRewardReceiver._withdrawRewards contains an optional token swap through a curve pool. The min output param is unsafely set, allowing anyone to sandwich the transaction, taking an unlimited amount of slippage, resulting in a loss of rewards for the user.
Vulnerability Detail
The swap in _withdrawRewards simply enforces the min_dy param (minimum amount of output token to receive) as the current result of get_dy() (returns the current output for the given swap). The problem with this logic is that minimum output is retrieved atomically with when the swap is executed, meaning that the slippage it would be enforcing has already occurred.
Consider for example how this may be sandwiched:
Attacker see transaction in mempool which will swap sdt => cvgSdt
Attacker frontruns the transaction with a large swap of sdt => cvgSdt
Increases the exchange rate of sdt => cvgSdt
Transaction is processed
Min output amount is set as expected amount out at current exchange rate, which was just increased by frontrun tx
Attacker backruns the transaction, selling all the cvgSdt back to sdt at an inflated price
Since the min output is based on the atomic exchange rate, the attacker can take an unlimited amount of slippage.
Impact
Sandwich bots can take unlimited slippage from reward withdrawals when swapped through curve pool.
sherlock-admin
changed the title
Active Obsidian Mule - Unlimited slippage allowed in curve pool swap
0xkaden - Unlimited slippage allowed in curve pool swap
Dec 24, 2023
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
0xkaden
high
Unlimited slippage allowed in curve pool swap
Summary
SdtRewardReceiver._withdrawRewards
contains an optional token swap through a curve pool. The min output param is unsafely set, allowing anyone to sandwich the transaction, taking an unlimited amount of slippage, resulting in a loss of rewards for the user.Vulnerability Detail
The swap in
_withdrawRewards
simply enforces themin_dy
param (minimum amount of output token to receive) as the current result ofget_dy()
(returns the current output for the given swap). The problem with this logic is that minimum output is retrieved atomically with when the swap is executed, meaning that the slippage it would be enforcing has already occurred.Consider for example how this may be sandwiched:
Since the min output is based on the atomic exchange rate, the attacker can take an unlimited amount of slippage.
Impact
Sandwich bots can take unlimited slippage from reward withdrawals when swapped through curve pool.
Code Snippet
https://github.com/sherlock-audit/2023-11-convergence/blob/main/sherlock-cvg/contracts/Staking/StakeDAO/SdtRewardReceiver.sol#L235
Tool used
Manual Review
Recommendation
A parameter should be provided to pass the minimum amount out.
Duplicate of #180
The text was updated successfully, but these errors were encountered: