the implementation of deadline parameter in swap transactions on Uniswap V3. The current setting uses the block.timestamp
as the deadline, leading to possible transaction exploitations.
In the sellProfits()
function, the block.timestamp
is used as the deadline for the exactInputSingle
function from the Uniswap V3 router, this can be seen at L24-L45 of Fees.sol:
As seen this function is passing block.timestamp to a pool, which means that whenever the miner decides to include the txn in a block, it will be valid at that time, since block.timestamp will be the current timestamp.
Now this means that a malicious miner can hold the transaction, It is highly likely that the swap is less profitable for the swapper with time, depends on market conditions, key to note that even if the slippage provided was not 0 i.e amountOutMinimum!= 0
the miner can as well just hold it until maximum slippage is incurred, and execute the tx when it's most suitable for him/her.
Automated Market Makers (AMMs) typically allow users to set a future timestamp as a deadline to ensure that their transactions are not executed at an unfavourable time, and to prevent potential front-running attacks. Using the block.timestamp
as the deadline offers no protection against these possible adverse situations.
Executing the swap in an unfavourable manner for the swapper
Manual Audit
Rather than using the block.timestamp
as the deadline, a future timestamp should be set for the swap.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.