Ancient Fern Cormorant
High
Absence of slippage protection in the sellVotes function may lead to big loss of funds for users. This is possible due to the way that a price of a vote is calculated in the RepMarket::_calcVotePrice:
function _calcVotePrice(Market memory market, bool isPositive) private pure returns (uint256) {
uint256 totalVotes = market.votes[TRUST] + market.votes[DISTRUST];
return (market.votes[isPositive ? TRUST : DISTRUST] * market.basePrice) / totalVotes;
}This way of calculating the price of a share can lead to loss of funds for the user, since the price can get inflated/deflated from other users buy the same or the counterpart votes. Such slippage mechanism is implemented in buyVotes function to prevent the users from getting less votes than they want and should be implemented in sellVotes for preventing the users from getting less eth than they want.
Absence of slippage protection in the sellVotes function
User want to sell his votes
None
None
Loss of funds for users that want to sell their votes
No response
add slippage protection like in the buyVotes function