SingleTokenJoinV2 doesn't take input deadline to consideration #170
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
invalid
This doesn't seem right
Handle
kenzo
Vulnerability details
SingleNativeTokenExitV2 takes as input from the user a deadline for the trades.
However, it does not use this input for the actual trade but sets the deadline to be block.timestamp.
Impact
Trades will not work as expected. User might set a deadline for the trade but his trade will get executed regardless.
Duplicate issue?
This issue is present in a few contracts in the repo - SingleNativeTokenExitV2, SingleTokenJoinV2.
If I submit both in one issue, but the judge will decide to reward them separately, he would not be able to do so for me as I submitted them all in one issue.
So this is why I am submitting them in separate issues.
If it is will be rewarded only as one issue, the judge will close the duplicate. Thank you.
Proof of Concept
We can see the input struct has deadline as a parameter, however,
_joinTokenSingle
passes as deadlineblock.timestamp
, and not the input deadline.Recommended Mitigation Steps
Send to the router
_joinTokenStruct.deadline
instead ofblock.timestamp
. (Code ref)The text was updated successfully, but these errors were encountered: