DeFi, Hardhat, Foundry
250,000 USDC
Submission Details
Severity: medium
Invalid

TWAP duration for Uniswap Oracle should be at least 30 mins

Summary

Setting the TWAP period to less than 1800 seconds (30 minutes) lowers the cost of manipulating the oracle price and makes a multi-block manipulation attack more attractive.

Vulnerability Details

In LibUniswapOracle.sol, the lookback period is set to 900 seconds (15 minutes):

uint32 internal constant FIFTEEN_MINUTES = 900;

This is dangerous: a TWAP period shorter than 1800 seconds increases the risk of an attacker being bold enough to manipulate the TWAP price. A 1800-second window is the value typically used by Uniswap in their studies, because it makes manipulation more expensive and exposes the manipulator to heavy losses from holding the price for that long across multiple blocks. A TWAP is time-weighted, so a spot-price distortion held for only a fraction of the window moves the average by that same fraction; a longer window therefore forces the attacker either to push the spot price much further or to hold the distortion over more blocks, and in both cases the attacker's capital sits at a price arbitrageurs can trade against. Setting the window any lower risks real manipulation, as attackers have been known to use their own capital (instead of a flash loan) to keep the price manipulated for more than one block, accepting the arbitrage exposure. In the Rari Fuse hack, the attacker risked their own capital and waited for multiple blocks. The root cause of that hack was price manipulation of a Uniswap V3 TWAP oracle whose TWAP duration was shorter than 1800 seconds.
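As an added illustration (example code, not part of this submission or of the audited project), the following Python mirrors the averaging arithmetic of Uniswap V3's OracleLibrary.consult() and shows how far the spot tick must be pushed, and for how long, to move a 900-second TWAP versus an 1800-second TWAP by the same amount. The 12-second block time, the tick values and the 10% target are constructed assumptions; the arithmetic applies to any window length, not only the two on this page.

```python
"""Added example (not the audited project's code): how the TWAP window length
bounds what a short-lived spot manipulation can do to a Uniswap V3-style
time-weighted average tick.

The averaging mirrors Uniswap V3's OracleLibrary.consult(): the mean tick over
`window` seconds is (tickCumulative(now) - tickCumulative(now - window)) / window,
rounded toward negative infinity. Block time, ticks and targets are assumptions.
"""

import math

BLOCK_TIME = 12          # assumed seconds per block
FIFTEEN_MINUTES = 900    # the constant flagged in LibUniswapOracle.sol
THIRTY_MINUTES = 1800    # the window the finding recommends


def twap_tick(fair_tick: int, manip_tick: int, held_seconds: int, window: int) -> int:
    """Mean tick over `window` seconds when the pool sat at `fair_tick` and was
    then held at `manip_tick` for the last `held_seconds` of the window."""
    held = min(held_seconds, window)
    cumulative_delta = fair_tick * (window - held) + manip_tick * held
    # Python's // floors toward -inf, matching consult()'s extra decrement on a
    # negative delta with a non-zero remainder.
    return cumulative_delta // window


def tick_to_price(tick: int) -> float:
    """Uniswap V3 price implied by a tick: 1.0001 ** tick."""
    return 1.0001 ** tick


def spot_ticks_needed(twap_shift: int, held_seconds: int, window: int) -> int:
    """Smallest tick move the attacker must hold for `held_seconds` so the TWAP
    over `window` moves by at least `twap_shift` ticks (relative to fair)."""
    return math.ceil(twap_shift * window / held_seconds)


def manipulation_table(twap_shift: int, blocks_held: int,
                       windows=(FIFTEEN_MINUTES, THIRTY_MINUTES)) -> dict:
    """For each window, the spot tick move and price multiple the attacker needs."""
    held = blocks_held * BLOCK_TIME
    out = {}
    for w in windows:
        ticks = spot_ticks_needed(twap_shift, held, w)
        out[w] = {"spot_ticks": ticks, "price_multiple": tick_to_price(ticks)}
    return out


if __name__ == "__main__":
    # Target: move the TWAP by about 10% (ln(1.10) / ln(1.0001) is roughly 953 ticks).
    TARGET = 953
    for blocks in (1, 10):
        table = manipulation_table(TARGET, blocks)
        for w, row in table.items():
            print(f"window={w:5d}s blocks_held={blocks:2d} "
                  f"spot_ticks={row['spot_ticks']:7d} "
                  f"spot_price_x={row['price_multiple']:.1f}")
    # Sanity check of the averaging rule: one block held at +10000 ticks.
    print("twap shift, 900s :", twap_tick(0, 10_000, BLOCK_TIME, FIFTEEN_MINUTES))
    print("twap shift, 1800s:", twap_tick(0, 10_000, BLOCK_TIME, THIRTY_MINUTES))
```

Under these assumptions, doubling the window from 900 to 1800 seconds doubles the spot tick move an attacker must hold for a given number of blocks, which squares the price multiple they must sustain (about 2.0x versus 4.2x for a ten-block hold aiming at a 10% TWAP shift). The caveat a practitioner should weigh against this is the one the judge's "design choice" verdict implies: a longer window also makes the oracle lag genuine market moves, so the window is a trade-off between manipulation cost and staleness rather than a value with a single correct setting.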

Impact

Increased risk of price manipulation because the lookback period is less than 30 minutes.

Tools Used

Manual code review

Recommendations

Set the lookback period to 1800 seconds (30 minutes) instead.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice
