Summary

The ISwapRouter.ExactInputSingle params (used in Fees.sol) does not include a deadline check, making it vulnerable to bad swaps/font-running/sandwich attacks.

https://github.com/Cyfrin/2023-07-beedle/blob/658e046bda8b010a5b82d2d85e824f3823602d27/src/Fees.sol#L30-L40

Vulnerability Details

Trading activity is very time sensitive. Without a deadline check, the trade transaction can be can be pending in mempool for a long time and only executed a long time after the caller submits the transaction. At the time of execution, the trade can be done in a sub-optimal price, which harms caller's position.

In other cases, a validator can hold the transaction until it becomes advantageous according to market conditions (e.g. slippage or front-running the original user's transaction). This could potentially happen to large amounts, due to widespread usage of bots and MEV. Because front-running is a key aspect of AMM design, the deadline check is a useful tool to ensure that a transaction cannot be “saved for later”.

In this regard, having a valid deadline check is very important as it ensures that the transaction will be executed on time and expired transactions will revert which prevents loss of funds.

Impact

See above.

Tools Used

Manual review.

Recommendations

Include a deadline parameter in ExactInputSingleParams.