Missing Deadline Checks in CurveAdapter Swaps
Summary
CurveAdapter.sol inherits from BaseAdapter which contains a deadline state variable, but fails to utilize this deadline check in its swap functions (executeSwapExactInputSingle and executeSwapExactInput). This omission can lead to transactions being valid for an unlimited time, potentially exposing users to MEV (Miner Extractable Value) attacks and unfavorable trade execution.
Vulnerability Details
In CurveAdapter.sol, both swap functions:
do not implement deadline checks despite inheriting the deadline functionality from BaseAdapter.
The BaseAdapter contract includes:
but this value is never checked in the CurveAdapter's swap execution functions.
Other parts of the codebase, such as the StabilityBranch, properly implement deadline checks:
Impact
Transactions can remain pending in the mempool indefinitely
Increased exposure to MEV attacks
The attacker can't make you lose more than your slippage tolerance, but they can optimize when the trade executes to their advantage.
They can force trades to execute at the worst price within those bounds
Tools Used
Manual code review
Recommendations
Implement deadline checks in both swap functions
Lead Judging Commences
CurveAdapter does not enforce swap execution time limits like other adapters do
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.