MorpheusAI

Foundry
22,500 USDC
Submission Details
Severity: medium
Invalid

Using `block.timestamp` as the deadline/expiry invites MEV

Summary

Using `block.timestamp` as the expiration or deadline for an operation does not mean "require immediate execution"; it means "I am comfortable with the timestamp of whichever block this transaction appears in." Passing this value allows a potentially malicious miner to withhold the transaction for an extended period, for example when transactions are bundled through the Flashbots mempool. The delay can last until the miner can exploit the transaction to trigger the maximum slippage allowed by the slippage parameter, or until conditions become unfavorable enough to activate other orders, such as liquidations.

Vulnerability Details

File: contracts/L2TokenReceiver.sol

```solidity
function swap(uint256 amountIn_, uint256 amountOutMinimum_) external onlyOwner returns (uint256) {
    SwapParams memory params_ = params;
    ISwapRouter.ExactInputSingleParams memory swapParams_ = ISwapRouter.ExactInputSingleParams({
        tokenIn: params_.tokenIn,
        tokenOut: params_.tokenOut,
        fee: params_.fee,
        recipient: address(this),
        // Evaluated when the transaction is executed, so the router's
        // deadline check passes no matter how long inclusion was delayed.
        deadline: block.timestamp,
        amountIn: amountIn_,
        amountOutMinimum: amountOutMinimum_,
        sqrtPriceLimitX96: params_.sqrtPriceLimitX96
    });
    // ... remainder of the function is not shown in the submission
}
```

Impact

Using `block.timestamp` as the deadline allows a potentially malicious miner to withhold the transaction for an extended period.

Tools Used

Manual Review

Recommendations

To mitigate this risk, timestamps should be chosen off-chain.
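One way to apply this recommendation, shown as an added example that is not part of the original submission or the MorpheusAI code base: the caller passes a deadline computed off-chain, and the Uniswap V3 router's own `block.timestamp <= deadline` check then reverts a swap that is included too late. The contract name `DeadlineAwareReceiver`, the `deadline_` parameter and the inline owner check are assumptions made for illustration; token approval to the router is assumed to be handled elsewhere.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal copy of the Uniswap V3 router interface used by the snippet above.
interface ISwapRouter {
    struct ExactInputSingleParams {
        address tokenIn;
        address tokenOut;
        uint24 fee;
        address recipient;
        uint256 deadline;
        uint256 amountIn;
        uint256 amountOutMinimum;
        uint160 sqrtPriceLimitX96;
    }

    function exactInputSingle(ExactInputSingleParams calldata params) external payable returns (uint256);
}

// Hypothetical receiver written for this example (not L2TokenReceiver itself).
contract DeadlineAwareReceiver {
    struct SwapParams { address tokenIn; address tokenOut; uint24 fee; uint160 sqrtPriceLimitX96; }

    address public immutable owner;
    ISwapRouter public immutable router;
    SwapParams public params;

    constructor(ISwapRouter router_, SwapParams memory params_) {
        owner = msg.sender;
        router = router_;
        params = params_;
    }

    // deadline_ is chosen off-chain when the transaction is signed,
    // e.g. "now + 5 minutes" as a Unix timestamp (assumed parameter name).
    function swap(uint256 amountIn_, uint256 amountOutMinimum_, uint256 deadline_) external returns (uint256) {
        require(msg.sender == owner, "not owner");
        SwapParams memory params_ = params;
        // The router reverts when block.timestamp > deadline_, so a transaction
        // held back past the signer's chosen time can no longer execute.
        return router.exactInputSingle(ISwapRouter.ExactInputSingleParams({
            tokenIn: params_.tokenIn, tokenOut: params_.tokenOut, fee: params_.fee,
            recipient: address(this), deadline: deadline_, amountIn: amountIn_,
            amountOutMinimum: amountOutMinimum_, sqrtPriceLimitX96: params_.sqrtPriceLimitX96
        }));
    }
}
```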

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Protocol should not use block.timestamp as deadline in Uniswap interactions because it renders the protection mechanism useless

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
