Uniswap / AMM / DEX Security Checklist
45 security checks for decentralized exchanges, automated market makers, and Uniswap-style protocols. Covering swap mechanics, oracle security, liquidity management, MEV protection, and common DeFi vulnerabilities.
Critical Threat Landscape
AMMs and DEXs are among the most targeted DeFi protocols:
• $1B+ lost to DEX/AMM exploits including flash loan attacks and oracle manipulation
• 1,084 findings analyzed from Uniswap-related protocol audits on Code4rena and other platforms
• 45 vulnerability patterns identified across swap, oracle, liquidity, and fee categories
• Price manipulation remains the #1 attack vector for AMM protocols
• MEV & sandwich attacks cause millions in user losses annually
CATEGORIES
Swap Oracle Price Manipulation
HighUniswap-based oracles are vulnerable to price manipulation attacks via flash loans and liquidity changes
Pool Liquidity Calculation Errors
HighIncorrect liquidity calculations in AMM pools cause fund loss or stuck assets
Router Token Approval Issues
HighMissing or incorrect token approvals for router operations cause transaction failures
Position NFT Manipulation
HighAttackers can manipulate V3 position NFTs to steal funds or cause undercollateralization
Swap Fee Collection and Distribution
MediumIncorrect handling of swap fees leads to user losses or protocol insolvency
Pool Cardinality and Configuration
MediumHardcoded or missing pool configurations lead to DoS or incorrect pricing
Incorrect Price Calculation Logic
HighPrice calculations use wrong formulas or data sources leading to incorrect valuations
Liquidity Manipulation for Price Control
HighAttackers manipulate liquidity to control AMM prices and exploit dependent protocol logic
Oracle Manipulation via Flash Loans
HighFlash loans can manipulate TWAP or spot prices to exploit protocol logic
Rounding Errors in Price Calculations
HighRounding errors in price calculations lead to fund losses or incorrect valuations
Oracle Data Feed Reliability
MediumOracle feeds can be disabled, delayed, or return stale data during volatility
Missing Price Validation and Bounds
MediumMissing price validation allows extreme or invalid prices in calculations
Admin Pool Parameter Manipulation
HighAdmin functions can be exploited to manipulate pool parameters and steal funds
Flash Loan Attacks on LP Rewards
HighFlash loans used to steal accrued LP rewards before proper distribution
Liquidity Operation Slippage Bypass
HighMissing slippage protection on liquidity add/remove enables sandwich attacks
Unsafe External Calls in Liquidity Operations
HighUnsafe external calls during liquidity operations cause reentrancy or fund loss
Liquidity Fee Accounting Errors
MediumIncorrect fee updates in deposit/withdraw functions lead to protocol losses
Position Range and Tick Handling Flaws
MediumImproper tick and position range handling leads to stuck funds
Fee Decimal Precision Errors
HighIncorrect decimal handling causes fee miscalculations across different tokens
Fee-on-Transfer Token Accounting
HighFee-on-transfer tokens cause incorrect balance calculations and supply tracking
Missing Fee Collection on Withdrawal
HighAccumulated fees not included in withdrawal calculations, shortchanging users
Protocol Fee Trapping
MediumFees become permanently locked in contracts due to transfer restrictions
Reentrancy in Fee Claiming
MediumUnprotected fee claiming functions allow double-claiming via reentrancy
Front-Running and Sandwich Attacks
HighTransactions can be front-run or sandwiched, causing financial loss to users
Cross-Contract Reentrancy via MEV
HighExternal calls before state updates enable recursive attacks and fund theft
Insufficient Slippage Protection
MediumMissing or inadequate slippage checks lead to unexpected losses on swaps and deposits
Price Arbitrage via Multi-Collateral Systems
MediumPrice discrepancies between collateral types enable arbitrage attacks
ERC777 Reentrancy via Transfer Hooks
HighERC777 tokens trigger reentrancy via transfer hooks, bypassing checks-effects-interactions
Permit Function Compatibility
MediumPermit signatures fail with non-standard tokens, breaking gasless approval flows
Non-Standard Token Behavior Assumptions
MediumHardcoded assumptions about token decimals, rebasing, and transfer behavior cause failures
Unchecked Transfer Return Values
MediumToken transfers that don't verify return values allow silent failures and fund loss
Exploitable Rounding Direction
HighConsistent rounding in one direction enables fund drainage through repeated transactions
Arithmetic Overflow and Underflow
MediumInteger overflow/underflow in token amount and price calculations
Precision Loss in Reward Distribution
MediumReward calculations lose precision, causing rewards to round to zero
First Depositor Share Inflation Attack
MediumFirst deposit in ERC4626 vaults can manipulate share-to-asset ratio
Flash Loan Reward Theft
HighStaking contracts vulnerable to flash loan attacks that steal accrued rewards
Insufficient Callback Validation
MediumCallback functions with weak validation enable unauthorized actions
Missing Initiator Context in Flash Actions
MediumFlash loan functions fail to pass initiator context to callback recipients
Position NFT Access Control Bypass
HighNFT splitting, transfer locks, and ownership checks can be bypassed to steal positions
Unsafe NFT Transfers to Contracts
HighNFT transfers to contracts without ERC721Receiver freeze user assets permanently
Liquidation Threshold and Market Lifecycle
MediumInsufficient safety margins and deprecated market handling cause incorrect liquidations
Missing Access Control on Critical Functions
HighAutomation and admin functions lack proper caller restrictions
Initialization and Deployment Attacks
MediumUnguarded initializers allow attackers to front-run contract deployment
Owner Self-Revocation and Permission Gaps
LowOverly broad permissions and self-revocation risks lead to contract lockout
Stuck Funds from Failed Operations
MediumFailed emergency functions, reverted cross-chain transactions, and edge cases permanently lock user funds
Need a Professional DEX / AMM Audit?
AMMs and DEXs handle billions in daily volume. Get your protocol audited by a team that understands Uniswap-style architectures and DeFi-specific attack vectors.
