MorpheusAI

Foundry
22,500 USDC
Submission Details
Severity: medium
Invalid

Lack of deadline protection in makes it Front-runnable

Summary

The deadline in the ISwapRouter.exactInputSingle params is currently set to block.timestamp, making it ineffective.

ISwapRouter.ExactInputSingleParams memory swapParams_ = ISwapRouter.ExactInputSingleParams({
    tokenIn: _tokenIn,
    tokenOut: _tokenOut,
    fee: _poolFee,
    recipient: address(this),
@>  deadline: block.timestamp,
    amountIn: _amountIn,
    amountOutMinimum: _minOut,
    sqrtPriceLimitX96: 0
});

Vulnerability Details

Most of the functions that interact with AMM pools do not have a deadline parameter. The specific case here is passing block.timestamp to the pool as the deadline: whenever the miner decides to include the transaction in a block, it will be valid at that time, because block.timestamp is that block's current timestamp.

Deadlines serve as valuable tools to prevent transactions from being delayed for future execution.

Impact

With the elimination of the deadline check, validators may find it more lucrative to withhold the transaction from inclusion until it experiences the maximum allowable slippage.

Tools Used

Manual review

Recommendations

Pass a deadline as a function parameter, or just hardcode it to block.timestamp + 30 seconds, for example.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Protocol should not use block.timestamp as deadline in Uniswap interactions because it renders the protection mechanism useless

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
