RamsesRouterConnector Manual Review Findings

RRC-01M: Inexistent Approval of LP Units

Type	Severity	Location
Logical Fault		RamsesRouterConnector.sol:L49-L58

Description:

The RamsesRouterConnector::removeLiquidity function does not approve the LP asset that will ultimately be burned to extract the relevant funds, rendering the integration incompatible.

Impact:

The current RamsesRouterConnector::removeLiquidity function implementation is incompatible with the Ramses Exchange implementation as it does not provide an adequate approval of the LP units removed toward the router implementation.

Example:

Copy
43function removeLiquidity(
44    RemoveLiquidityParams memory removeLiquidityParams
45) external override {
46    RamsesLiquidityExtraData memory _extraData = abi.decode(
47        removeLiquidityParams.extraData, (RamsesLiquidityExtraData)
48    );
49    IRamsesRouter(removeLiquidityParams.router).removeLiquidity(
50        removeLiquidityParams.tokens[0],
51        removeLiquidityParams.tokens[1],
52        _extraData.isStablePool,
53        removeLiquidityParams.lpAmountIn,
54        removeLiquidityParams.minAmountsOut[0],
55        removeLiquidityParams.minAmountsOut[1],
56        address(this),
57        block.timestamp
58    );
59}

Recommendation:

We advise the referenced function to properly approve the relevant pair that the LP amounts are attached to toward the router, ensuring that the liquidity removal operation succeeds properly.

Alleviation (6ab7af3bb495b817ffec469255ea679b1813eecb):

The vfat team evaluated this exhibit and clarified that the approval operation is occurring within the ZapLib implementation and specifically at this point.

As such, we consider this exhibit to be invalid when considered through the ZapLib integration and thus nullified.