Front-Running in KeeperProxy.sol
Summary
The KeeperProxy.sol contract is vulnerable to front-running attacks when executing trades. Keepers could exploit this to manipulate prices or extract value from users
Vulnerability Details
The run function in KeeperProxy.sol does not include mechanisms to prevent front-running, such as slippage protection or deadline enforcement
Impact
A malicious keeper could front-run trades, causing users to receive unfavorable prices and lose funds
Tools Used
manual review
Recommendations
Add slippage protection and deadline enforcement to the run function
Lead Judging Commences
Suppositions
There is no real proof, concrete root cause, specific impact, or enough details in those submissions. Examples include: "It could happen" without specifying when, "If this impossible case happens," "Unexpected behavior," etc. Make a Proof of Concept (PoC) using external functions and realistic parameters. Do not test only the internal function where you think you found something.
Suppositions
There is no real proof, concrete root cause, specific impact, or enough details in those submissions. Examples include: "It could happen" without specifying when, "If this impossible case happens," "Unexpected behavior," etc. Make a Proof of Concept (PoC) using external functions and realistic parameters. Do not test only the internal function where you think you found something.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.