Dangerous use of the deadline parametr during in IncreaseLiquidityParams.
Summary
The increaseLiquidityCurrentRange function does not allow to submit a deadline for the increaseLiquidity actions
Vulnerability Details
The protocol is using block.timestamp as the deadline argument while interacting with the Uniswap NFT Position Manager, which completely defeats the purpose of using a deadline.
Impact
When you use block.timestamp as a condition or deadline for time-sensitive operations, it might not achieve the desired effect. This is because block.timestamp represents the timestamp of the block when the transaction is mined. The check block.timestamp <= block.timestamp compares the timestamp of the block against itself.
Tools Used
Manual review
Recommendations
Add a deadline parameter to the functions that are used to manage the liquidity position. And forward this parameter to the corresponding underlying calls to the Uniswap NonfungiblePositionManager contract.
Lead Judging Commences
Protocol should not use block.timestamp as deadline in Uniswap interactions because it renders the protection mechanism useless
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.