SmartVaultV3.swap() - using block.timestamp as expiration deadline offers no protection
Summary
AMMs like Uniswap V3 allow users to specify a deadline parameter that enforces a time limit by which the transaction must be executed. Without a deadline parameter, the transaction may sit in the mempool and be executed at a much later time potentially resulting in a worse price for the user.
However, using block.timestamp for the deadline offers no protection at all.
Vulnerability Details
Whenever the validator decides to include the txn in a block, it will be valid at that time, since block.timestamp will be the current timestamp(i.e the timestamp of including the txn in the block, doesn't matter when it was submitted).
Therefore, block.timestamp offers no protection at all against executing the transaction at a much later time than intended.
Impact
A validator can just hold the transaction until maximum slippage is incurred.
Or find a way to benefit himself, he can hold the transaction, which may be done to free up capital to ensure that there are funds available to do operations to prevent liquidation.
Regardless of this, a deadline was intended to be implemented by the function but as of now, it serves no purpose at all.
Tools Used
Manual review
Recommendations
Add a deadline argument to the function and pass it along to the AMM call.
Lead Judging Commences
deadline-check-low
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.