Description
When sending funds via SideShift or Changelly, the agent does not validate that the provided receive address matches the expected network. For example, sending USDt on Ethereum but providing a Solana address would proceed without warning, resulting in permanently lost funds with no recovery path.
Steps to reproduce
- Initiate a send through SideShift or Changelly
- Specify a destination network (e.g., Ethereum)
- Provide a receive address for a different network (e.g., Solana)
- Complete the send transaction
Expected vs actual
- Expected: Agent validates address format against the selected network and warns the user of a mismatch before executing
- Actual: Transaction proceeds without validation or warning
Scope
- SideShift send flow
- Changelly send flow
Description
When sending funds via SideShift or Changelly, the agent does not validate that the provided receive address matches the expected network. For example, sending USDt on Ethereum but providing a Solana address would proceed without warning, resulting in permanently lost funds with no recovery path.
Steps to reproduce
Expected vs actual
Scope