Kind White Buffalo
High
When votes are sold there is no slippage protection on the amount of ETH the seller will receive. As a result, users may sell their votes for a lower value than intended.
In sellVotes the user specifies the number of votes they want to sell, however, they do not specify the minimum amount of ETH they should receive for their votes. This is problematic as right before the seller's call to sellVotes is executed another user may sell their votes from the same type or buy votes from the opposite type, decreasing the price at which the votes will be sold.
It is important to note that such protection is implemented when buying votes: https://github.com/sherlock-audit/2024-11-ethos-network-ii/blob/57c02df7c56f0b18c681a89ebccc28c86c72d8d8/ethos/packages/contracts/contracts/ReputationMarket.sol#L461
No response
No response
- A user decides to sell a TRUST vote, at the time that they call
sellVotesthe price is 1 ETH. - Right before the transaction is executed another user buys UNTRUST votes, causing the price of selling the vote to decrease to 0.5 ETH.
- The seller sells the vote for only 0.5 ETH, even though they intended to sell it for 1 ETH, and the second user that bought the UNTRUST votes can sell them for a higher price.
A seller can be sandwiched when selling their votes, causing them to lose funds.
No response
Allow the seller to specify a minimum amount of ETH that they should receive for their votes.