First Flight #18: T-Swap

Severity: medium
Valid

Missing deadline parameter in `TSwapPool::sellPoolTokens` allows pending transactions to be excluded

Summary

In Ethereum, miners have some control over the timestamp of the blocks they mine. This flexibility allows them to include or exclude certain transactions in a block and manipulate the timestamp within a certain range. Miners can slightly adjust `block.timestamp` to make certain transactions valid or invalid depending on their preference. For example, if the deadline is set to `block.timestamp`, a miner could manipulate the timestamp to expire a transaction that they don't want to include or to profit from it in some other way.

Impact

Using `block.timestamp` as the deadline parameter in a swap function on a Uniswap V1 clone can introduce a risk of Miner Extractable Value (MEV).
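
The following Python model is an added illustration of this impact and is not taken from the T-Swap code base. It compares a deadline read from the executing block with one chosen by the caller when a sale is held back while the price moves. `Pool`, `sell_current`, `sell_recommended`, `delayed_sale`, the reserves and the timestamps are all constructed for the example, and fees are omitted.

```python
class DeadlinePassed(Exception):
    """Stands in for the revert raised by revertIfDeadlinePassed."""


class Pool:
    """Constant-product pool (x * y = k), fees omitted; a model, not T-Swap."""

    def __init__(self, pool_tokens, weth):
        self.pool_tokens, self.weth = pool_tokens, weth

    def quote(self, amount_in):
        return self.weth * amount_in // (self.pool_tokens + amount_in)

    def _swap(self, amount_in, deadline, block_timestamp):
        # The check runs when the transaction executes, not when it is signed.
        if deadline < block_timestamp:
            raise DeadlinePassed(deadline)
        weth_out = self.quote(amount_in)
        self.pool_tokens += amount_in
        self.weth -= weth_out
        return weth_out

    def sell_current(self, amount_in, block_timestamp):
        # Deadline taken from the executing block: the check can never fail.
        return self._swap(amount_in, block_timestamp, block_timestamp)

    def sell_recommended(self, amount_in, deadline, block_timestamp):
        # Deadline fixed by the caller at signing time.
        return self._swap(amount_in, deadline, block_timestamp)


def delayed_sale(caller_deadline):
    """Sign at t=1000, get included at t=4600 after the price has moved."""
    pool = Pool(1_000_000, 1_000_000)      # constructed reserves
    quoted = pool.quote(10_000)            # what the user saw when signing
    pool.sell_current(200_000, 1_500)      # unrelated trade while the tx is pending
    try:
        if caller_deadline is None:
            received = pool.sell_current(10_000, 4_600)
        else:
            received = pool.sell_recommended(10_000, caller_deadline, 4_600)
        return quoted, received
    except DeadlinePassed:
        return quoted, "reverted"


if __name__ == "__main__":
    print(delayed_sale(None))     # stale sale still executes, at the moved price
    print(delayed_sale(1_300))    # stale sale reverts instead
```

A deadline bounds only how long the sale may stay pending; it does not bound the price the sale executes at.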

Tools Used

Manual review

Recommendations

  1. Add a deadline parameter to the `sellPoolTokens` function to protect users from MEV attacks.

function sellPoolTokens(
uint256 poolTokenAmount
+ uint64 deadline
) external
+ revertIfDeadlinePassed(deadline)
returns (uint256 wethAmount) {
return swapExactOutput(i_poolToken, i_wethToken, poolTokenAmount, deadline);
}
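
Review bot: the added `+ uint64 deadline` line follows `uint256 poolTokenAmount`, which is left unchanged with no trailing comma, so the parameter list as shown will not compile; that line needs to become `uint256 poolTokenAmount,` and be marked as changed. The `return swapExactOutput(i_poolToken, i_wethToken, poolTokenAmount, deadline);` line is shown as unchanged context even though it references the new parameter, so it should appear as a removed/added pair that shows which argument `deadline` replaces. A NatSpec `@param deadline` line stating the unit (Unix seconds) would also help callers pick a sensible value.
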
  2. Use Flashbots Protect to call the transactions to avoid MEV attacks.

Updates

Appeal created

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Using `uint64(block.timestamp)` as deadline does nothing.
