
Perfect Coffee Aardvark - Missing Slippage Protection in Token Swaps Medium Risk #1057

Open
sherlock-admin3 opened this issue Dec 30, 2024 · 0 comments


Perfect Coffee Aardvark

Medium

Missing Slippage Protection in Token Swaps Medium Risk

Summary

The swapCollateralForUSDT function in Treasury.sol executes swaps through ODOS without any slippage protection.

Root Cause

In Treasury.sol:

```solidity
function swapCollateralForUSDT(
    IBorrowing.AssetName asset,
    uint256 swapAmount,
    bytes memory odosAssembledData
) external onlyCoreContracts returns (uint256) {
    swapAmount = (swapAmount / 10) * 10;
@>  (bool success, bytes memory result) = odosRouterV2.call{
@>      value: asset == IBorrowing.AssetName.ETH ? swapAmount : 0
@>  }(odosAssembledData);
    if (!success) revert Treasury_SwapFailed();
@>  return abi.decode(result, (uint256));
}
```

Key Issues (lines marked `@>`):

1. External call without minimum output check: the function calls the odosRouterV2 contract to execute the swap without passing or verifying a minimum acceptable output amount. Marked at `@> (bool success, bytes memory result) ...`.

2. Decoding result without verification: the output from the swap is decoded and returned without validating whether it satisfies any slippage tolerance or minimum output criteria. Marked at `@> return abi.decode(result, (uint256));`.
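The following is an added illustration of the check the two points above describe, not code from the audited project: a caller-supplied `minAmountOut` bound, enforced against the USDT balance actually received rather than against the router's decoded return value, since `odosAssembledData` is assembled off-chain and its reported output cannot be trusted. The `IERC20` and `IBorrowing.AssetName` interfaces, the `usdt` address, the `Treasury_InsufficientOutput` error and the `onlyCoreContracts` placeholder are all assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example; interfaces and enum members are assumptions, not the
// project's own definitions.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
}

interface IBorrowing {
    enum AssetName { ETH, OtherCollateral } // hypothetical members
}

contract TreasurySwapExample {
    error Treasury_SwapFailed();
    error Treasury_InsufficientOutput(uint256 received, uint256 minimum);

    address public immutable odosRouterV2;
    IERC20 public immutable usdt;

    constructor(address router, address usdtToken) {
        odosRouterV2 = router;
        usdt = IERC20(usdtToken);
    }

    // Placeholder for the project's real access-control modifier.
    modifier onlyCoreContracts() { _; }

    function swapCollateralForUSDT(
        IBorrowing.AssetName asset,
        uint256 swapAmount,
        uint256 minAmountOut,          // slippage bound chosen by the caller
        bytes memory odosAssembledData
    ) external onlyCoreContracts returns (uint256 received) {
        swapAmount = (swapAmount / 10) * 10;

        // Snapshot the USDT balance so the output can be measured on-chain.
        uint256 balanceBefore = usdt.balanceOf(address(this));

        (bool success, ) = odosRouterV2.call{
            value: asset == IBorrowing.AssetName.ETH ? swapAmount : 0
        }(odosAssembledData);
        if (!success) revert Treasury_SwapFailed();

        // Trust the balance delta, not a value decoded from router calldata
        // that was assembled off-chain.
        received = usdt.balanceOf(address(this)) - balanceBefore;
        if (received < minAmountOut) {
            revert Treasury_InsufficientOutput(received, minAmountOut);
        }
    }
}
```

The caller (a core contract) computes `minAmountOut` from an oracle price minus an accepted tolerance before submitting; if the swap lands after an adverse price move, the transaction reverts instead of settling at the worse rate.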

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

The function blindly executes the swap with the assembled data without validating the minimum output amount. This could allow MEV bots to extract value through sandwich attacks, or allow significant value loss if market conditions change between transaction submission and execution.


PoC

No response

Mitigation

No response
