Price Impact

Overview

The price impact detector identifies large token swaps executed without price impact validation. Large trades can significantly move pool prices, enabling sandwich attacks and MEV extraction if not properly bounded. It flags swaps that lack pre/post price comparison, maximum price impact thresholds, and front-run protection mechanisms.

For remediation guidance, see Price Impact Remediation.

Why This Is an Issue

When a large swap moves the pool price significantly, the trader receives a worse execution price. Without price impact checks, programs allow swaps that move the price beyond acceptable bounds, creating opportunities for sandwich attackers to extract value from both the price movement before and after the victim’s trade. Programs that perform swaps proportional to pool reserves without impact validation are particularly vulnerable.

How to Resolve

Before (Vulnerable)

// Vulnerable: no price impact check
pub fn large_swap(ctx: Context<Swap>, amount: u64) -> Result<()> {
    let output = execute_swap(&ctx.accounts.pool, amount)?;
    token::transfer(ctx.accounts.into_ctx(), output)?;
    Ok(())
}

After (Fixed)

// Fixed: validates price impact before executing
pub fn large_swap(
    ctx: Context<Swap>,
    amount: u64,
    max_price_impact_bps: u16,
    min_output: u64,
) -> Result<()> {
    let price_before = get_pool_price(&ctx.accounts.pool)?;
    let output = execute_swap(&ctx.accounts.pool, amount)?;
    let price_after = get_pool_price(&ctx.accounts.pool)?;

    let impact_bps = price_before.abs_diff(price_after) * 10000 / price_before;
    require!(impact_bps <= max_price_impact_bps as u64, ErrorCode::PriceImpactTooHigh);
    require!(output >= min_output, ErrorCode::SlippageExceeded);

    token::transfer(ctx.accounts.into_ctx(), output)?;
    Ok(())
}

Example JSON Finding

{
  "detector": "price-impact",
  "severity": "high",
  "confidence": 0.7,
  "message": "Swap executed without price impact validation -- large trades vulnerable to MEV",
  "location": { "function": "large_swap", "block": 0, "statement": 2 }
}

Detection Methodology

1. Swap operation detection: Identifies CPI calls to DEX programs.
2. Price comparison search: Looks for pool price reads before and after swap operations.
3. Impact threshold check: Verifies that price differences are compared against a maximum threshold.
4. Large amount heuristics: Flags swaps that use amounts derived from pool reserve proportions.

Limitations

False positives: Swaps through aggregators like Jupiter that handle price impact internally may be flagged. False negatives: Price impact through illiquid pools with no on-chain liquidity data is not detected.

Related Detectors

• Slippage Protection — minimum output amount validation
• MEV Vulnerabilities — broader MEV patterns
• Liquidity Manipulation — pool state manipulation

References

• CWE-20: Improper Input Validation
• Solana — Transactions