Flow

Sablier
FoundryDeFi
20,000 USDC
Submission Details
Severity: high
Invalid

MEV exploit potential due to a missing deadline parameter in withdraw

Summary

Exploitation by MEV bots or other attackers is possible because the SablierFlow::withdraw function takes no deadline parameter. A signed withdrawal transaction therefore stays valid for as long as it sits in the mempool, which gives an attacker a larger window in which to act on it.

Vulnerability Details

The withdraw function as currently implemented; note that nothing bounds when the call may be executed:

function withdraw(
    uint256 streamId,
    address to,
    uint128 amount
)
    external
    override
    noDelegateCall
    notNull(streamId)
    updateMetadata(streamId)
    returns (uint128 withdrawnAmount, uint128 protocolFeeAmount)
{
    // Checks, Effects, and Interactions: make the withdrawal.
    (withdrawnAmount, protocolFeeAmount) = _withdraw(streamId, to, amount);
}

Impact

Because a pending withdraw transaction has no expiry, it can remain in the mempool indefinitely and be included in whichever later block suits a searcher or block producer. MEV (Miner/Maximal Extractable Value) attacks exploit exactly this kind of open-ended, delayed transaction to profit at the sender's expense.

Tools Used

Manual Review

Recommendation

Add a deadline parameter to the withdraw function and revert when block.timestamp is past it, so that a transaction left pending in the mempool cannot be executed outside the window the caller intended:

function withdraw(
    uint256 streamId,
    address to,
    uint128 amount,
+   uint256 deadline
)
    external
    override
    noDelegateCall
    notNull(streamId)
    updateMetadata(streamId)
    returns (uint128 withdrawnAmount, uint128 protocolFeeAmount)
{
+   // Reject the call if it is mined after the caller's deadline (error message illustrative).
+   require(block.timestamp <= deadline, "SablierFlow: deadline passed");
    // Checks, Effects, and Interactions: make the withdrawal.
    (withdrawnAmount, protocolFeeAmount) = _withdraw(streamId, to, amount);
}
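The following is an added example written for this report; it is not Sablier code. It shows the deadline check as a reusable modifier on a deliberately minimal stand-in stream contract (DeadlineGuardedStream, with a constructed withdrawable-balance map in place of Sablier's stream accounting), together with a Foundry test that uses vm.warp to mine the same call before and after the deadline. All contract, error and test names are hypothetical. One caveat worth keeping in mind: a deadline bounds how long a signed transaction remains executable, so a stale transaction cannot be resurrected later; it does not by itself stop a searcher from reordering the transaction within a block.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.22;

// Added example, not Sablier code. DeadlineGuardedStream is a hypothetical
// minimal stream contract; the balance map is constructed for the example.
import {Test} from "forge-std/Test.sol";

/// @notice Thrown when a transaction is mined after the caller's deadline.
error DeadlineExpired(uint256 deadline, uint256 blockTimestamp);

contract DeadlineGuardedStream {
    // Hypothetical per-stream withdrawable balance (stands in for stream accounting).
    mapping(uint256 streamId => uint128 balance) public withdrawable;
    // Amount each recipient has received, so the test can check effects.
    mapping(address recipient => uint128 total) public received;

    /// @dev Reverts if the current block is past the caller-supplied deadline.
    /// Applied to withdraw, this bounds how long a pending transaction stays valid.
    modifier checkDeadline(uint256 deadline) {
        if (block.timestamp > deadline) {
            revert DeadlineExpired(deadline, block.timestamp);
        }
        _;
    }

    function fund(uint256 streamId, uint128 amount) external {
        withdrawable[streamId] += amount;
    }

    function withdraw(uint256 streamId, address to, uint128 amount, uint256 deadline)
        external
        checkDeadline(deadline)
        returns (uint128 withdrawnAmount)
    {
        // Checks: do not allow overdrawing the stream.
        require(amount <= withdrawable[streamId], "overdraw");
        // Effects: update balances before any interaction.
        withdrawable[streamId] -= amount;
        received[to] += amount;
        return amount;
    }
}

contract DeadlineGuardedStreamTest is Test {
    DeadlineGuardedStream internal stream;
    address internal recipient = makeAddr("recipient");
    uint256 internal constant STREAM_ID = 1;

    function setUp() public {
        stream = new DeadlineGuardedStream();
        stream.fund(STREAM_ID, 1000e6); // 1,000 units of a 6-decimal token (constructed)
        vm.warp(1_700_000_000);          // fixed starting timestamp for the test
    }

    function test_WithdrawBeforeDeadlineSucceeds() public {
        uint256 deadline = block.timestamp + 10 minutes;
        uint128 withdrawn = stream.withdraw(STREAM_ID, recipient, 100e6, deadline);
        assertEq(withdrawn, 100e6);
        assertEq(stream.received(recipient), 100e6);
        assertEq(stream.withdrawable(STREAM_ID), 900e6);
    }

    function test_WithdrawAfterDeadlineReverts() public {
        uint256 deadline = block.timestamp + 10 minutes;
        // Simulate the transaction being held in the mempool and mined one second late.
        vm.warp(deadline + 1);
        vm.expectRevert(
            abi.encodeWithSelector(DeadlineExpired.selector, deadline, deadline + 1)
        );
        stream.withdraw(STREAM_ID, recipient, 100e6, deadline);
        // The stream balance is untouched because the call reverted.
        assertEq(stream.withdrawable(STREAM_ID), 1000e6);
    }
}
```

Run with forge test in a Foundry project that has forge-std installed. The second test is the behaviour the recommendation is after: once block.timestamp passes the caller's deadline the call reverts with the deadline and the actual timestamp, and no balance changes occur.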
Updates

Lead Judging Commences

inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
