Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Nukem Loans>High findings>[FIXED] Slippage is set to zero during swap
GeneralOverview
Findings
Critical (3)
High (3)Centralized pricing arbitrageSlippage is set to zero during swapEIP-712 fork replayable signature
Medium (2)
Low (1)
DiscussionInitializer called in constructorBorrowing on behalf of the Market contractPotential storage-collision issueSaferERC20 additional checksEIP-712 implementationMarket setters should only be called onceUtilizing eth-brownie for testingCentralizationAMM oracle pricing
Threat ModelWhat are threat models?AbstractSwapper.solAuctions.solCollateral.solCredit.solDebt.solEIP712.solERC20Base.solERC20Permit.solEnFi4626.solLendingStrategy.solMarket.solProxyManager.solRoles.solSaferERC20.solUniswapV2Swapper.sol
Audit ResultsSummary
Category: Business Logic

[FIXED] Slippage is set to zero during swap

High Severity
High Impact
High Likelihood

Description

Multiple slippage checks are set to zero when performing a token swap.

Impact

This is hazardous because it could allow users to trade at 100% slippage rates.

swapper.swap(asset_, address(this), receiver, amount, 0);

Recommendations

We recommend passing a nonzero slippage parameter for the swap function and making sure that the user is aware of the slippage rate.

Remediation

This issue was fixed by enforcing a 2% maximum slippage from the reference value of the swap provided by the signed reserves, added in commit 571dbc66.

Zellic © 2024Back to top ↑