Skip to main content

Slippage Parameter Missing or Ineffective

What it detects

This detector flags token swap or trading functions that lack a proper slippage parameter or fail to enforce it. Slippage refers to the difference between the expected output of a trade and the actual received amount due to price movement between the time a transaction is signed and when it is mined.

If slippage protection is not included or is included but not validated, a user's swap can execute at a significantly worse rate than expected. This is especially dangerous in DeFi where front-running and MEV (miner-extractable value) are common.

The detector checks for:

  • Absence of a minAmountOut or minReceived parameter
  • Ignored or ineffective validation logic for received amount
  • Comparison after transfer or swap logic (too late to prevent loss)
  • Over-reliance on getPrice() without accounting for state changes mid-transaction

Typical symptoms

  • Swap functions that accept any amount of output, regardless of market change
  • Missing or meaningless require(output >= minOut) checks
  • Users experience major price divergence between expected and actual trade results
  • Inability to control trade tolerance leads to unbounded losses
  • Protocols vulnerable to front-running, sandwich attacks, or oracle drift

Solidity snippet (v0.8.25)

pragma solidity ^0.8.25;

contract Swap {
    function trade(uint256 amountIn) external {
        // No slippage control
        // No `minAmountOut` argument
        // Price may change due to front-running or rebalancing
        uint256 tokensOut = getPrice(amountIn);

        // Unsafe: transfer proceeds regardless of price change
        // ERC20(tokenOut).transfer(msg.sender, tokensOut);
    }
}

Corrected Version with Slippage Protection

function trade(uint256 amountIn, uint256 minAmountOut) external {
    uint256 tokensOut = getPrice(amountIn);
    require(tokensOut >= minAmountOut, "Slippage too high");
    
    // Safe to proceed
    // ERC20(tokenOut).transfer(msg.sender, tokensOut);
}

Why it matters on EVM

The EVM operates in an environment where price changes can occur between the time a transaction is signed and the time it is mined. This opens users up to:

  • Price manipulation via front-running or sandwich attacks
  • Loss of value due to insufficient protections
  • Unpredictable and unsafe trading experiences

Without slippage protection:

  • Attackers can exploit volatile markets to extract value
  • Trades may succeed on-chain while failing economically (users lose value)
  • Protocols expose users to unnecessary financial risk

Effective slippage checks (e.g., via require(tokensOut >= minAmountOut)) ensure that users never receive less than they expected or approved. This builds trust in swap logic and protects both users and protocols from exploitative behavior.