Direct theft of any user funds, whether at-rest or in-motion, other than unclaimed yield
Description
Brief/Intro
The TokeAutoEthStrategy deposits WETH into the Tokemak AutoETH ERC4626 vault using router.depositMax(autoEth, address(this), 0) with a slippage parameter of 0. This provides no price protection and exposes allocations to sandwich attacks and adverse price execution, where an attacker can manipulate the vault’s exchange rate or surrounding liquidity to force the strategy to mint fewer shares per WETH deposited.
Vulnerability Details
Inside _allocate, the strategy approves WETH to the router and calls depositMax with minShares = 0:
// no slippage protection
uint256 shares = router.depositMax(autoEth, address(this), 0);
TokenUtils.safeApprove(address(autoEth), address(rewarder), shares);
rewarder.stake(address(this), shares);
Implications:
minShares = 0 means any outcome is accepted; there is no bound against receiving fewer shares due to transient price movements, manipulation, or off-by-one rounding in the vault.
An attacker can front-run the allocation by pushing up the vault exchange rate, causing the strategy to mint fewer shares for the same WETH. The attacker can then revert the move (back-run) and capture the difference.
Because _allocate returns amount (in WETH) regardless of minted shares, the strategy records full principal allocated while potentially receiving diminished shares value, silently crystallising a loss at entry time.
Impact Details
Direct asset loss at allocation time: minted shares < fair value due to MEV manipulation or adverse execution.
Accounting mismatch: the strategy returns amount as allocated while economic value received may be less, masking instantaneous loss.
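A hardened form of the allocation path, added here as an illustration and not code from the strategy or from Tokemak: it bounds the shares received and reports them back so the allocation record reflects value actually obtained. The IRouter, IRewarder and TokenUtils-replacement calls are assumed from the snippet above, MAX_SLIPPAGE_BPS is a placeholder, and `amount` is assumed to equal the strategy's WETH balance that depositMax will sweep.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal interfaces. IERC4626.previewDeposit is standard; the router and rewarder
// signatures are assumed from the calls quoted in the report.
interface IERC20 { function approve(address, uint256) external returns (bool); }
interface IERC4626 { function previewDeposit(uint256 assets) external view returns (uint256); }
interface IRouter {
    function depositMax(IERC4626 vault, address to, uint256 minSharesOut) external returns (uint256);
}
interface IRewarder { function stake(address account, uint256 amount) external; }

contract HardenedAllocateExample {
    uint256 internal constant BPS = 10_000;
    // Largest accepted shortfall versus the vault's own quote, in basis points
    // (50 = 0.50%). A real strategy would make this governance-settable; constant here.
    uint256 public constant MAX_SLIPPAGE_BPS = 50;
    IERC20 public immutable weth;
    IERC4626 public immutable autoEth;
    IRouter public immutable router;
    IRewarder public immutable rewarder;
    error InsufficientShares(uint256 received, uint256 minimum);

    constructor(IERC20 _weth, IERC4626 _autoEth, IRouter _router, IRewarder _rewarder) {
        weth = _weth; autoEth = _autoEth; router = _router; rewarder = _rewarder;
    }

    // `minSharesOut` comes from the caller, derived from a reference rate observed
    // before the transaction was sent. previewDeposit() evaluated inside this same
    // transaction already reflects any front-run that moved the rate, so it is used
    // only as a floor against rounding and intra-block drift, never as the sole bound.
    function _allocate(uint256 amount, uint256 minSharesOut)
        internal returns (uint256 assetsIn, uint256 sharesOut)
    {
        uint256 floor = autoEth.previewDeposit(amount) * (BPS - MAX_SLIPPAGE_BPS) / BPS;
        if (minSharesOut < floor) minSharesOut = floor;

        weth.approve(address(router), amount);
        sharesOut = router.depositMax(autoEth, address(this), minSharesOut);
        // Check locally as well rather than relying on the router's own revert.
        if (sharesOut < minSharesOut) revert InsufficientShares(sharesOut, minSharesOut);

        IERC20(address(autoEth)).approve(address(rewarder), sharesOut);
        rewarder.stake(address(this), sharesOut);
        // Report the shares actually minted alongside the WETH sent, so the caller
        // accounts for value received instead of assuming it equals `amount`.
        assetsIn = amount;
    }
}
```

The caller-supplied bound is the part that actually defends against a front-run; the on-chain previewDeposit floor only catches rounding and drift within the block.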