The amendSellOrder function allows sellers to continuously extend their order's expiry by repeatedly amending the deadline, effectively bypassing the intended maximum order duration.
The function checks that the new deadline duration does not exceed MAX_DEADLINE_DURATION, but it calculates the new deadline as block.timestamp + _newDeadlineDuration on every amendment. This means a seller can keep calling amendSellOrder before expiry, each time pushing the deadline further into the future. As a result, orders can remain active indefinitely, defeating the purpose of having a maximum deadline duration.
Order Book Pollution: Sellers can keep orders alive forever, leading to stale or unwanted orders persisting in the order book.
Unfair Advantage: Sellers can game the system by keeping their orders active indefinitely, which may not be intended by the protocol design.
Potential for Spam: Attackers can keep dust or spam orders alive, increasing storage and computation costs for all users.
Seller creates an order with the maximum allowed deadline.
Before the order expires, the seller calls amendSellOrder with a new maximum deadline duration.
The order's deadline is extended by another maximum duration.
This process can be repeated indefinitely, keeping the order alive forever.
Store the original creation timestamp or expiry timestamp in the order struct.
When amending, ensure that the new deadline does not exceed the original creation time plus MAX_DEADLINE_DURATION.
Example check:
Alternatively, disallow amending the deadline or only allow reducing it.
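One way to implement the first recommendation, as an added example rather than code from the audited contract or this report. Only amendSellOrder, _newDeadlineDuration and MAX_DEADLINE_DURATION come from the finding; the struct layout, createSellOrder, the error names and the 3-day value are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration, not the audited contract. Names other than
/// amendSellOrder and MAX_DEADLINE_DURATION are hypothetical.
contract CappedDeadlineOrderBook {
    uint256 public constant MAX_DEADLINE_DURATION = 3 days; // assumed value

    struct Order {
        address seller;
        uint256 createdAt; // set once at creation, never touched by amendments
        uint256 deadline;
    }

    mapping(uint256 => Order) public orders;
    uint256 public nextOrderId;

    error NotSeller();
    error OrderExpired();
    error InvalidDeadline();

    function createSellOrder(uint256 _deadlineDuration) external returns (uint256 id) {
        if (_deadlineDuration == 0 || _deadlineDuration > MAX_DEADLINE_DURATION) {
            revert InvalidDeadline();
        }
        id = nextOrderId++;
        orders[id] = Order(msg.sender, block.timestamp, block.timestamp + _deadlineDuration);
    }

    function amendSellOrder(uint256 _orderId, uint256 _newDeadlineDuration) external {
        Order storage order = orders[_orderId];
        if (order.seller != msg.sender) revert NotSeller();
        if (block.timestamp >= order.deadline) revert OrderExpired();
        // Per-call bound: the only check the finding says exists today.
        if (_newDeadlineDuration == 0 || _newDeadlineDuration > MAX_DEADLINE_DURATION) {
            revert InvalidDeadline();
        }

        uint256 newDeadline = block.timestamp + _newDeadlineDuration;
        // Lifetime bound: anchor the cap to the immutable creation time so that
        // repeated amendments cannot roll the deadline forward indefinitely.
        if (newDeadline > order.createdAt + MAX_DEADLINE_DURATION) {
            revert InvalidDeadline();
        }
        order.deadline = newDeadline;
    }
}
```

With the lifetime bound in place, an order created with the maximum duration can only be amended to an equal or shorter deadline, and any order expires no later than createdAt + MAX_DEADLINE_DURATION regardless of how many amendments are made.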