Description
A pool administrator can halt all swaps by setting an invalid max_allowed_spread_bps value. This is possible because the privileged update_config function does not perform range checks on the max_allowed_spread_bps parameter of type i64, allowing it to take forbidden (e.g., negative) values.
An invalid max_allowed_spread_bps value will cause the following check in the swap function to revert on every call, thereby halting swaps.
Recommendation
Ensure that the new max_allowed_spread_bps falls within a valid swap spread range.
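The recommended range check, sketched as an added example that is not the audited project's code. Only update_config and max_allowed_spread_bps come from the finding; the other names, the 0 to 10,000 bps range, and the shape of the swap-side check are assumptions.

```rust
// Added illustration. Hypothetical names throughout, except update_config
// and max_allowed_spread_bps, which come from the finding.
const BPS_DENOMINATOR: i64 = 10_000; // assumed upper bound: 100% in basis points

#[derive(Debug, PartialEq)]
pub enum PoolError {
    InvalidSpread,
    SpreadTooHigh,
}

pub struct PoolConfig {
    pub max_allowed_spread_bps: i64,
}

/// Unchecked setter, as the finding describes: any i64 is accepted.
pub fn update_config_unchecked(cfg: &mut PoolConfig, new_max: i64) {
    cfg.max_allowed_spread_bps = new_max;
}

/// Hardened setter: rejects values outside the assumed valid range
/// and leaves the stored configuration untouched on failure.
pub fn update_config(cfg: &mut PoolConfig, new_max: i64) -> Result<(), PoolError> {
    if !(0..=BPS_DENOMINATOR).contains(&new_max) {
        return Err(PoolError::InvalidSpread);
    }
    cfg.max_allowed_spread_bps = new_max;
    Ok(())
}

/// Assumed shape of the swap-side check: the observed spread must not
/// exceed the configured limit.
pub fn check_spread(cfg: &PoolConfig, spread_bps: i64) -> Result<(), PoolError> {
    if spread_bps > cfg.max_allowed_spread_bps {
        return Err(PoolError::SpreadTooHigh);
    }
    Ok(())
}

fn main() {
    let mut cfg = PoolConfig { max_allowed_spread_bps: 50 };
    update_config_unchecked(&mut cfg, -1);
    // With a negative limit, even a zero spread fails the check.
    println!("{:?}", check_spread(&cfg, 0));
    // The hardened setter refuses the same value.
    println!("{:?}", update_config(&mut cfg, -1));
}
```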
Location