Hardcoded Uniswap V3 Router Address Hinders Multi-Chain Deployment
Summary
The Fees contract hardcodes the Uniswap V3 router's address, which restricts its cross-chain deployment. This could lead to unexpected behavior or functionality breakdowns on different chains, thus limiting the contract's adaptability and scalability.
Vulnerability Details
The contract in question hardcodes the address of the Uniswap V3 router. This design decision becomes problematic if the contract is to be deployed on different Ethereum-compatible networks. Each of these networks has unique contract addresses for the same protocols, and the hardcoded address in this contract may not necessarily point to the Uniswap V3 router on a different network.
Impact
This issue limits the portability of the contract across various networks. If an attempt is made to deploy this contract on a network where the hardcoded address doesn't correspond to the Uniswap V3 router, the contract may need to be redeployed with the corresponding router address.
Tools Used
manual review
Recommendations
The hardcoded Uniswap V3 router address should be replaced with a constructor parameter. This way, when deploying the contract on a new network, the correct Uniswap V3 router address for that network can be passed into the constructor. Here's an example of how the constructor could be revised:
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.