Submission Details
Severity:
The `deposit` function lacks a deadline check, allowing users to make deposits after the deadline
Summary
the
depositfunction lacks a deadline check, allowing users to make deposits after the deadline which can lead to the unfair advantage to the users.
Vulnerability Details
deposit function is used to deposit the funds to the pool, but there is no deadline check in the deposit function which can lead to the un fair advantage to the users.
function deposit(
uint256 wethToDeposit,
uint256 minimumLiquidityTokensToMint,
uint256 maximumPoolTokensToDeposit,
uint64 deadline
)
external
revertIfZero(wethToDeposit)
returns (uint256 liquidityTokensToMint)
{
if (wethToDeposit < MINIMUM_WETH_LIQUIDITY) {
revert TSwapPool__WethDepositAmountTooLow(
MINIMUM_WETH_LIQUIDITY,
wethToDeposit
);
}
..............
.............
..........
....
..
}
Impact
User can call deposit without a deadline
Tools Used
Manual review
Recommendations
Add this modifier to check the deadline of the deposit function
function deposit(
uint256 wethToDeposit,
uint256 minimumLiquidityTokensToMint,
uint256 maximumPoolTokensToDeposit,
uint64 deadline
)
external
revertIfZero(wethToDeposit)
+ revertIfDeadlinePassed(deadline)
returns (uint256 liquidityTokensToMint)
{
if (wethToDeposit < MINIMUM_WETH_LIQUIDITY) {
revert TSwapPool__WethDepositAmountTooLow(
MINIMUM_WETH_LIQUIDITY,
wethToDeposit
);
}
......
.....
.....
}
Updates
Appeal created
inallhonesty 12 months ago
Submission Judgement Published Assigned finding tags:
`deposit` is missing deadline check causing transactions to complete even after the deadline
Rewards breakdown
nSLOC
276This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.