Lack of slippage control

Summary

In UniswapExtension.sol, the functions uniV3ExactOutputInternal() and uniV3ExactInputInternal() lack slippage control.

Vulnerability Detail

Calling uniV3ExactOutputInternal() and uniV3ExactInputInternal() can lead to slippage.

Impact

The slippage control is set to the maximum and minimum of the allowed max and min sqrt ratio,without precise slippage control, swaps done by user are susceptible to sandwich attacks.

Code Snippet

https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/extensions/UniswapExtension.sol#L715-L736 https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/extensions/UniswapExtension.sol#L744-L761

Tool used

Manual Review

Recommendation

Recommend following uniswap's way of implementing the expected minimum amount out check.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

008.md

008.md

Lack of slippage control

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Files

008.md

Latest commit

History

008.md

File metadata and controls

Lack of slippage control

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation