Swap & Trading Security Checklist
Security checks for DEX swap execution, routing, MEV protection, and trading mechanics: 40 checks derived from 1,505 real audit findings, covering swap execution, routing, MEV protection, fee mechanisms, flash swaps, reentrancy, token compatibility, and access control.
Threat Analysis
Key statistics from analyzing 1,505 audit findings:
• 1,505 findings analyzed from real smart contract audits across major DeFi protocols
• 40 vulnerability patterns identified and categorized across 8 security domains
• 27 Critical/High items require immediate attention in any audit
CATEGORIES
Swap Function Input Validation Missing
Medium: Swap functions fail to validate calldata against SwapParams, allowing parameter manipulation
Insufficient Swap Path Validation
High: Missing validation of swap routes can lead to token theft or liquidity drain
Incorrect Swap Parameter Handling
High: Swap functions pass incorrect parameters, causing users to receive wrong amounts
Free Token Generation via Swap
High: Swap functions allow receiving tokens without providing input tokens
Swap Reverts on Overly Strict Requirements
Medium: Inner swap functions using stricter requirements than necessary cause unexpected reverts
Missing Collection-Pool Validation in NFT Swaps
High: NFT swap actions fail to validate collection against the target swap pool
Router ETH Balance Drainage
Medium: Router contract ETH balance can be drained by manipulating swap paths or transfers
Incorrect Timestamp in Price Calculations
High: Using block.timestamp instead of submitted timestamp in EMA/TWAP calculations
Deprecated Transfer Methods for Native Tokens
Medium: Using .transfer() instead of .call() for native token transfers causes failures
Signature Concatenation Without Delimiters
Medium: Concatenating operations and parameters without separators enables signature forgery
Malicious Calldata in Multi-Step Operations
High: Multi-step operations like liquidations can be exploited via malicious calldata injection
MEV and Sandwich Attack Vulnerabilities
High: Swap and liquidity functions vulnerable to front-running and sandwich attacks
MEV Exploitation in AMM Rebalancing
High: AMM rebalancing and compounding functions susceptible to MEV extraction
Post-Callback Execution Exploitation
Medium: Callback functions allow additional operations after execution, enabling state manipulation
Gas Limit Exceedance in Batch Auctions
Medium: Settlement of batch auctions can exceed gas limit, causing transaction failures
Signature Replay Across Wallet Updates
Medium: Public keys reused across wallet updates enable signature replay attacks
Swap Fee Calculation Manipulation
Medium: Incorrect fee calculations allow economic exploits through unbounded accumulation or time manipulation
Incorrect Fee Decimal Scaling
High: AMM protocols miscalculate fees due to decimal scaling errors across token pairs
Inconsistent Fee Logic Between Quote and Execution
High: Fee calculations differ between quoting and execution functions, causing unexpected costs
Incorrect Fee Distribution Function Calls
Medium: Wrong fee calculation functions called in AMM contracts cause improper fee allocation
Fee Rounding Exploitation
High: Rounding down of fees or fixed fee levels enables systematic fee avoidance
Reentrancy in Liquidation Functions
High: Liquidation functions vulnerable to reentrancy via external calls before state updates
Reentrancy in LP Token Minting
High: Reentrancy during LP token minting allows repeated calls that drain vault funds
Incorrect Rounding Direction in AMM Math
High: Rounding errors in AMM pricing functions allow systematic fund extraction
Price Manipulation via Order Splitting
High: Splitting large orders into smaller transactions achieves better rates due to fee/price calculation flaws
State Manipulation in Order Updates
High: Repeatedly calling order update functions creates risk-free trading opportunities
Unsafe Token Transfer Methods
Medium: Using transfer() instead of safeTransfer() causes silent failures with non-standard tokens
Fee-on-Transfer Token Incompatibility
High: Fee-on-transfer tokens break expected token behavior in AMM pools
Inconsistent Rounding Directions Across Operations
High: Different rounding directions for buy/sell or mint/burn operations create arbitrage
Token Decimal Mismatch
High: Hardcoded 18-decimal assumption causes incorrect calculations with non-standard tokens
Missing Token Transfer Validation
High: Functions process state changes without verifying that token transfers actually succeeded
Oracle Manipulation via Flash Swap Timing
Medium: Oracle prices updated multiple times in the same block enable arbitrage through flash swaps
Flash Loan Exploitation in Liquidation
High: Flash loans can open/close positions within one transaction to siphon liquidation rewards
Missing Flash Loan Initiator Validation
High: Flash loan callbacks don't verify the caller identity, enabling impersonation
Flash Loan Governance Manipulation
High: Flash loans temporarily inflate voting power to manipulate governance outcomes
Reentrancy in Flash Swap Operations
High: Flash swaps exploitable via reentrancy attacks during token transfers
Mutable Pool Contract Configuration
High: Setter functions for pool contracts can redirect funds or break trading functionality
Unrestricted Owner Withdrawals
High: Owner can withdraw any token at any time, including user-staked tokens
Unrestricted Administrative Functions
High: Administrative functions lack proper access control restrictions, allowing anyone to call them
Unrestricted Liquidity Ownership Assumption
High: Contracts assume full control over liquidity pools without verifying actual ownership

