OrderBook

Description

• Normal behavior: In DeFi protocols, changes to key economic parameters (like trading fees) are expected to emit events. This ensures indexers, analytics dashboards, and automated bots can immediately detect and propagate updates. It’s a foundational transparency mechanism that keeps off-chain systems aligned with on-chain state.

• Issue: In this contract, the setFee function directly updates the internal fee state variable without emitting any event. This means off-chain services relying on event streams for efficiency (rather than constant storage polling) remain unaware of fee changes until they explicitly query storage, often on delayed intervals.

Risk

Likelihood:

• Occurs every single time the owner changes the fee, because there is no event mechanism implemented.

• Practically guaranteed on every governance or admin update.

Impact:

• Dashboards and trading bots will continue displaying stale fee data, potentially misleading traders about the actual cost of transactions.

• Erodes trust in the protocol’s transparency standards, possibly deterring professional integrations or partnerships that depend on reliable off-chain data streams.

Proof of Concept

This shows how, when the owner updates the fee to 5% (500 basis points), the absence of an event means external tools (DEX aggregators, user dashboards, risk analyzers) have no way to detect the change in real-time. They continue to display the old fee rate, misleading users into executing trades under incorrect assumptions.

Recommended Mitigation

By emitting a FeeChanged event, every fee update becomes immediately observable by indexers, explorers, bots, and front-end dashboards. This aligns the contract with DeFi standards for transparent governance and reduces user exposure to stale UI data, maintaining the integrity of the trading experience.