Lack of time specific input can result in MEVs exploiting the sellProfits
TX.
From the code snippet bellow we can see that for the UNI call the deadline parameter is set to block.timestamp
. Deadline is where is the last time that the TX can be executed, and any time after it it revert. The issue here is that block.timestamp
can be easily manipulated by the MEVs (they can include it in this block,top or bottom, or even pay the block proposers to put it in the next block). This all means that the deadline is useless, since block.timestamp
is when the TX is executed and no matter when it's executed it's gonna pass (now, a day later, or even a year).
MEVs, could game the sellProfits
TX.
Set a deadline settle in the function.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.