Its a bit late now that the ERC is finalized, but I’m wondering why “minOut” / “maxIn” parameters were not included in the deposit, mint, withdraw and redeem functions.
While the preview functions give an accurate prediction, this may change between the moment a user signs a transaction and the moment its mined. Frontrunning in particular make this ERC possibly dangerous without these additional checks.
I would recommend this ERC gets extended to include
function deposit(uint256 assets, address receiver, uint256 minShares) external returns (uint256 shares) {
shares = deposit(assets, receiver);
require(shares >= minShares);
}
function mint(uint256 shares, address receiver, uint256 maxAssets) external returns (uint256 assets) {
assets = mint(shares, receiver);
require(assets <= maxAssets);
}
function withdraw(uint256 assets, address receiver, address owner, uint256 maxShares) external returns (uint256 shares) {
shares = withdraw(assets, receiver, owner);
require(shares <= maxShares);
}
function redeem(uint256 shares, address receiver, address owner, uint256 minAssets) external returns (uint256 assets) {
assets = redeem(shares, receiver, owner);
require(assets >= minAssets);
}