blockdev
high
USSD contract makes trades on Uniswap via its swap router. The amountOutMinimum is set to 0 which means the trade will be successful even if it results in 0 amount of output token. This will lead to heavy sandwiching and frontrunning attacks leading to guaranteed loss making trades for USSD.
USSD.UniV3SwapInput() creates trade data and calls Uniswap router with amountOutMinimum set to 0.
IV3SwapRouter.ExactInputParams memory params = IV3SwapRouter
.ExactInputParams({
path: _path,
recipient: address(this),
//deadline: block.timestamp,
amountIn: _sellAmount,
amountOutMinimum: 0 // <-- problematic value
});High. 100% of the Uniswap trades will result in gaining 0 or dust amount of the output token.
IV3SwapRouter.ExactInputParams memory params = IV3SwapRouter
.ExactInputParams({
path: _path,
recipient: address(this),
//deadline: block.timestamp,
amountIn: _sellAmount,
amountOutMinimum: 0 // <-- problematic value
});Manual Review
Determine a suitable slippage percentage and calculate the minimum amount of output token expected. Set amountOutMinimum to that expected amount.