Skip to content

[audit-08] fix: [TRST-L-5] Add slippage protection #1205

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: ma/indexing-payments-audit-fixes-07-L-3
Choose a base branch
from
Open

[audit-08] fix: [TRST-L-5] Add slippage protection #1205

wants to merge 1 commit into from

Conversation

matiasedgeandnode
Copy link
Contributor

Screenshot 2025-07-23 at 21 59 47

@matiasedgeandnode matiasedgeandnode changed the title fix: [TRST-L-5] Add slippage protection [audit-08] fix: [TRST-L-5] Add slippage protection Jul 24, 2025
@openzeppelin-code OpenZeppelin Code
Copy link

openzeppelin-code bot commented Jul 24, 2025
edited
Loading

[audit-08] fix: [TRST-L-5] Add slippage protection

Generated at commit: 836c0c2ec01551a4cc09cd5143f88eab62e8ea9b

🚨 Report Summary

Severity Level Results
Contracts Critical
High
Medium
Low
Note
Total		 2
4
0
15
39
60
Dependencies Critical
High
Medium
Low
Note
Total		 0
0
0
0
0
0

For more details view the full report in OpenZeppelin Code Inspector

@matiasedgeandnode matiasedgeandnode force-pushed the ma/indexing-payments-audit-fixes-07-L-3 branch from e7d19d7 to 937fb97 Compare August 3, 2025 18:44
@matiasedgeandnode matiasedgeandnode force-pushed the ma/indexing-payments-audit-fixes-08-L-5 branch from 54747b8 to cd51aba Compare August 3, 2025 18:45
@matiasedgeandnode matiasedgeandnode force-pushed the ma/indexing-payments-audit-fixes-07-L-3 branch from 937fb97 to aac9f8b Compare August 3, 2025 19:24
@matiasedgeandnode
fix: [TRST-L-5] Add slippage protection
836c0c2 
Implements slippage protection mechanism to prevent silent token loss
during rate-limited collections in RecurringCollector agreements.

The implementation uses type(uint256).max convention to disable slippage
checks, providing users full control over acceptable token loss during
rate limiting.

Resolves audit finding TRST-L-5: "RecurringCollector silently reduces
collected tokens without user consent"
@matiasedgeandnode matiasedgeandnode force-pushed the ma/indexing-payments-audit-fixes-08-L-5 branch from cd51aba to 836c0c2 Compare August 3, 2025 19:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pcarranzav pcarranzav pcarranzav approved these changes

@tmigone tmigone Awaiting requested review from tmigone

@Maikol Maikol Awaiting requested review from Maikol

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@matiasedgeandnode @pcarranzav