Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

lamsy - _swapRWAtoStbc Slippage Control Concerns #278

Open
sherlock-admin4 opened this issue Nov 13, 2024 · 0 comments
Open

lamsy - _swapRWAtoStbc Slippage Control Concerns #278

sherlock-admin4 opened this issue Nov 13, 2024 · 0 comments

Comments

@sherlock-admin4
Copy link

sherlock-admin4 commented Nov 13, 2024
edited
Loading

lamsy

Medium

_swapRWAtoStbc Slippage Control Concerns

Summary

https://github.com/sherlock-audit/2024-10-usual-labs-v1/blob/main/pegasus/packages/solidity/src/daoCollateral/DaoCollateral.sol#L612-L686

The _swapRWAtoStbc function facilitates the swapping of RWA (Real-World Asset) tokens for USD0 stablecoins, allowing for partial matching and using off-chain approvals through an optional permit. However, the function lacks any explicit slippage control mechanisms, which could result in substantial variances between the anticipated and actual USD value obtained from the swap. This exposes users to potential price volatility and may lead to unexpected results in terms of the value received.

Root Cause

The function does not provide any slippage control or price limits to account for fluctuations in asset values during the swap. This means users might not get the expected value in USD0 if the market price deviates during the transaction. The lack of slippage protection can lead to user dissatisfaction or financial loss in volatile markets.

Internal pre-conditions

The amountInTokenDecimals must be greater than zero and within the maximum limit of uint128.
The orderIdsToTake array must contain at least one order ID.
The RWA token must be an approved USD0 collateral token.

External pre-conditions

The caller must have a valid token allowance for rwaToken or provide a valid permit signature for the contract to authorize the transfer.
The contract relies on an external swapper engine to process the swap.

Attack Path

The absence of slippage protection can indirectly expose users to unfavorable swaps due to high price fluctuations or slippage in the swapper engine, especially if USD0 is minted at an unfavorable rate

Impact

Severity: Medium
Impact Description: Without slippage protection, the user may receive significantly less value in USD0 than expected due to price changes in the RWA token or varying order availability. This could lead to unexpected outcomes and financial loss if the actual swap price significantly diverges from the anticipated rate.

PoC

A user initiates a swap with an amountInTokenDecimals expecting a specific amount of USD0 in return.
During the swap, the price of the RWA token fluctuates, causing the wadRwaQuoteInUSD (RWA to USD quote) to be different from the expected rate.
The user receives less USD0 than anticipated, resulting in a loss due to slippage.

Mitigation

Add Slippage Control Parameter: Introduce a slippage tolerance parameter in the function, allowing the caller to specify the minimum amount of USD0 they are willing to accept. If the swap results in less than this minimum amount, the function should revert. This mitigates the risk of receiving less value due to slippage.
@sherlock-admin4 sherlock-admin4 changed the title Late Opal Shrimp - _swapRWAtoStbc Slippage Control Concerns lamsy - _swapRWAtoStbc Slippage Control Concerns Nov 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin4