Platform: Code4rena
Start Date: 14/10/2022
Pot Size: $100,000 USDC
Total HM: 12
Participants: 75
Period: 9 days
Judge: GalloDaSballo
Total Solo HM: 1
Id: 171
League: ETH
Rank: 49/75
Findings: 1
Award: $0.97
🌟 Selected for report: 0
🚀 Solo Findings: 0
0.9728 USDC - $0.97
LBRouter.swapAVAXForExactTokens
The payable function swapAVAXForExactTokens will use amountsIn[0] which was calculated from _getAmountsIn
and call swap, so when msg.value > amountsIn[0] it should transfer leftover AVAX to sender.
Currently it can be underflow by calculate amountsIn[0] - msg.value
if (msg.value > amountsIn[0]) _safeTransferAVAX(_to, amountsIn[0] - msg.value);
Should transfer amount by msg.value - amountsIn[0]
#0 - GalloDaSballo
2022-10-26T18:27:18Z
#1 - GalloDaSballo
2022-11-13T19:54:01Z
L
#2 - c4-judge
2022-11-13T19:54:05Z
GalloDaSballo changed the severity to QA (Quality Assurance)
#3 - Simon-Busch
2022-11-21T06:22:24Z
Reverted to M as requested by @GalloDaSballo Duplicate of https://github.com/code-423n4/2022-10-traderjoe-findings/issues/469
#4 - Simon-Busch
2022-12-05T06:44:21Z
Marked this issue as satisfactory as requested by @GalloDaSballo