Lone Wintergreen Rattlesnake
Medium
In the _update function, when a user sells tokens on the DEX, the contract has the potential to first swaps up to 1% of the liquidity pool (LP) balance before processing the trade. This swap is triggered inside _processPreSwapFeesAndSwap(), which sells tokens from the contract’s balance into the LP, impacting the token’s market price.
This forced swap mechanism artificially reduces the price before the user’s sell order is executed, resulting in:
- Increased slippage and worse execution prices for traders.
- Potential Denial-of-Service (DoS) for large sell orders.
- MEV exploitation.
Trade Classification & Swap Trigger: If _to == V2_POOL, the function recognizes a sell order. The _processPreSwapFeesAndSwap() function is called before executing the user’s trade.
Forced Pre-Swap Calculation
- The contract calculates a max swap amount as 1% of the LP balance:
uint256 _lpBal = balanceOf(V2_POOL);
uint256 _min = block.chainid == 1 ? _lpBal / 1000 : _lpBal / 4000; // 0.1% or 0.025% LP
uint256 _max = _lpBal / 100; // 1% LP balanceIf the contract balance exceeds _max, it swaps _max before executing the user’s trade. The forced swap reduces the LP’s reserves, causing a drop in price before the user’s trade.
The root cause of the issue is the design choice to use 1% of the LP balance as the max swap amount in _processPreSwapFeesAndSwap() impacts traders that performs sell order on DEX
The automatic swap of up to 1% of pool liquidity creates significant price impact causes:
- Increased slippage and worse execution prices for traders.
- Potential Denial-of-Service (DoS) for large sell orders.
- MEV exploitation.
No response
Reduce Maximum Swap Size from 1%