In USSD.sol function UniV3SwapInput swap token without a slippage limit which makes it possible to do sandwich attack and create MEV sandwich attack

Summary

The function UniV3SwapInput in USSD contract doesn't have a slippage limit so USSDRebalancer can be sandwiched

Vulnerability Detail

The function UniV3SwapInput is used to swap tokens and the parameters amountOutMinimum is always set to 0 so when USSDRebalancer tried to Rebalance it uses USSD.UniV3SwapInput which doesn't have a slippage limit SEARCHERS can frontrun and sandwich USSDRebalancer
https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/USSD.sol#L227

Impact

it creates MEV opportunity
loss funds

Code Snippet

V3SwapRouter.ExactInputParams memory params = IV3SwapRouter
            .ExactInputParams({
                path: _path,
                recipient: address(this),
                amountIn: _sellAmount,
                amountOutMinimum: 0
            });

Tool used

Manual Review

Recommendation

don't set amountOutMinimum to zero

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

024.md

024.md

In USSD.sol function UniV3SwapInput swap token without a slippage limit which makes it possible to do sandwich attack and create MEV sandwich attack

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Files

024.md

Latest commit

History

024.md

File metadata and controls

In USSD.sol function UniV3SwapInput swap token without a slippage limit which makes it possible to do sandwich attack and create MEV sandwich attack

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation