No slippage control #55
Labels
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-260
grade-c
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
unsatisfactory
does not satisfy C4 submission criteria; not eligible for awards
Comments
code423n4
added
2 (Med Risk)
|
141345 marked the issue as duplicate of #78 |
|
141345 marked the issue as duplicate of #260 |
|
gzeon-c4 marked the issue as unsatisfactory: |
c4-judge
added
unsatisfactory
|
gzeon-c4 changed the severity to QA (Quality Assurance) |
|
gzeon-c4 marked the issue as grade-c |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Lines of code
https://github.com/code-423n4/2023-08-goodentry/blob/main/contracts/TokenisableRange.sol#L198-L199
https://github.com/code-423n4/2023-08-goodentry/blob/main/contracts/TokenisableRange.sol#L200
Vulnerability details
Impact
Not specifying the minimum amount of tokens to be added to the liquidity pool
https://github.com/code-423n4/2023-08-goodentry/blob/main/contracts/TokenisableRange.sol#L198-L199
shouldn't set the deadline to block.timestamp as a validator can hold the transaction and the block it is eventually put into will be block.timestamp, so this offers no protection
https://github.com/code-423n4/2023-08-goodentry/blob/main/contracts/TokenisableRange.sol#L200
Proof of Concept
https://github.com/code-423n4/2023-08-goodentry/blob/main/contracts/TokenisableRange.sol#L198-L199
https://github.com/code-423n4/2023-08-goodentry/blob/main/contracts/TokenisableRange.sol#L200
Tools Used
Recommended Mitigation Steps
Recommend to add deadline check and add slippage control.
Assessed type
MEV
The text was updated successfully, but these errors were encountered: