Steadefi

Steadefi
DeFiHardhatFoundryOracle
35,000 USDC
View results
Submission Details
Severity: low
Invalid

Slippage and Deadline Parameter Undefined Handling:

Summary

The contracts sets slippage and deadline parameters, but the appropriateness of these values may depend on the specific use case and market conditions. Inadequate or excessive values could lead to issues such as failed swaps or front-running attacks.

Vulnerability Details

The comment for the deadline variable mentions that the deadline is set as the current block timestamp when this function is called, and it justifies this by stating that the function is triggered by a callback/keeper. However, the choice of the deadline value should be explained and justified within every external contract to ensure that it aligns with the intended security and operational requirements.

Impact

The undefined deadline value and its reliance on the current block timestamp can pose a risk if the transaction takes a significant amount of time to be included in a block, as it could fail due to a deadline being exceeded.

Tools Used

-manual code review

Recommendations

Implement a mechanism to handle cases where the deadline is exceeded, such as resubmitting the transaction with an updated deadline, to prevent transactions from getting "stuck" due to timing issues.

Updates

Lead Judging Commences

hans Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Too generic

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.