Summary

In the swapFrom call within Weather.sol, users will be entitled to receive a portion of WETH when
the price of Bean is high and the debt of Beanstalk is low. This is done by calling the SOP function.

However, when we arrive at swapFrom, type(uint256).max is not defined properly.

Protocols shouldn't set the deadline to block.timestamp as a validator can hold the transaction and
the block it is eventually put into, will be block.timestamp, so this offers no protection.

Protocols should allow users interacting with AMMs to set expiration deadlines; no expiration deadline may
create a potential critical loss of funds vulnerability for any user initiating a swap, especially if there is also no slippage parameter.

Vulnerability Details

In Automated Market Maker (AMM) protocols, users can perform actions like swapping tokens or managing liquidity. A crucial feature for safeguarding these operations is the inclusion of a deadline parameter, as seen in Uniswap V2 and similar platforms. Without such a feature, users might unintentionally enter into disadvantageous swaps..

POC:

Let's imagine a user, Bob, calls GM and when the price of Bean is high & the debt of Beanstalk is low,
SOP is successfully called to swap BEAN for WETH in Beanstalk Farms, intending to use that WETH to buy
another asset later, once its been distributed. Bob submits his swap request but sets a low gas fee, causing his transaction to linger in the mempool for an extended duration — hours, days, or even longer.

If gas prices drop sufficiently for Bob's transaction to finally get mined, the market conditions might have
shifted dramatically. Although Bob receives the expected amount of WETH, its current market value could be far
less favorable than when he initiated the swap.

In the Beanstalk Farms implementation, the swapFrom function does not explicitly specify a deadline for the swap
action, employing type(uint256).max as a stand-in for the deadline. This approach essentially disregards the temporal validity of transactions, leaving them open indefinitely:

Impact

The lack of deadline means that the tx can be withheld at the advantage of the validator and disadvantage
of the user.

Tools Used

Manual Review

Recommendations

Allow for a user defined deadline value, as in the Uniswap models to avoid the above problems.