Possible DoS attack in SingleTokenJoin.sol #132
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate
This issue or pull request already exists
Handle
p4st13r4
Vulnerability details
Impact
An attacker can perform a DoS attack by sending a small quantity of
outputToken
onSingleTokenJoin
. Affected code is at https://github.com/code-423n4/2021-12-amun/blob/main/contracts/basket/contracts/singleJoinExit/SingleTokenJoin.sol#L134More details: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
Tools Used
Editor
Recommended Mitigation Steps
Possible mitigation: Consider renaming
outputAmount
tominOutputAmount
and changing the require to:The text was updated successfully, but these errors were encountered: