VIS-2 / taobank-04-24


The liquidation auction doesn't allow bidders to specify maximum bid price #30

Open DanailYordanov opened 4 months ago

DanailYordanov commented 4 months ago

Impact

Severity: High
Likelihood: Low

Context

AuctionManager::bid()

Description

AuctionManager::bid() doesn't allow the liquidator to specify a max price they are willing to pay for the collateral they are liquidating. On the surface, this doesn't seem like an issue because the price is always decreasing due to the Dutch auction. However, this can be problematic if the chain the contracts are deployed on suffers a reorg attack. This can place the transaction earlier than anticipated and therefore charge the user more than they meant to pay. While this scenario is unlikely on Ethereum, the protocol is intended to be deployed on Arbitrum, which is more susceptible to reorganization.

Recommendation

```diff
- function bid(uint256 _auctionId) external nonReentrant {
+ function bid(uint256 _auctionId, uint256 _maxBid) external nonReentrant {
    /* code */

    uint256 _debtToAuctionAtCurrentTime = _highestDebtToAuction -
        ((_highestDebtToAuction - _lowestDebtToAuction) *
            (block.timestamp - _auction.auctionStartTime)) /
        auctionDuration;

+   require(_debtToAuctionAtCurrentTime <= _maxBid, 'max-bid-exceeded');

    /* code */
```
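The decay formula and the recommended `_maxBid` guard, as an added Python simulation (not the TaoBank contract code): it reproduces the truncating integer math of `bid()` and shows an unguarded bid paying more when its inclusion time moves earlier than the bidder quoted. The auction parameters, timestamps and the floor-at-`lowest_debt` behaviour are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Auction:
    """Constructed stand-in for the on-chain auction state read by bid()."""
    highest_debt: int   # _highestDebtToAuction: debt charged at auctionStartTime
    lowest_debt: int    # _lowestDebtToAuction: debt charged at start + duration
    start_time: int     # _auction.auctionStartTime
    duration: int       # auctionDuration


def debt_to_auction_at(auction: Auction, timestamp: int) -> int:
    """Linear Dutch-auction decay using the same truncating integer math as Solidity."""
    elapsed = timestamp - auction.start_time
    if elapsed < 0:
        raise ValueError("auction has not started")
    # Assumption: the price floors at lowest_debt once the duration has elapsed.
    elapsed = min(elapsed, auction.duration)
    return auction.highest_debt - (
        (auction.highest_debt - auction.lowest_debt) * elapsed
    ) // auction.duration


def bid(auction: Auction, timestamp: int, max_bid: Optional[int] = None) -> int:
    """max_bid=None models the current bid(); a value models the recommended guard."""
    debt_now = debt_to_auction_at(auction, timestamp)
    if max_bid is not None and debt_now > max_bid:
        raise ValueError("max-bid-exceeded")  # the recommended require()
    return debt_now


# Constructed scenario: the bidder quoted the price at t=1600 but the tx lands at t=1200.
EXAMPLE = Auction(highest_debt=1_000, lowest_debt=500, start_time=1_000, duration=1_000)
QUOTED_AT, LANDED_AT = 1_600, 1_200


def reorg_scenario() -> dict:
    """Compare the unguarded bid with the guarded one when inclusion moves earlier."""
    quoted = debt_to_auction_at(EXAMPLE, QUOTED_AT)        # what the bidder expected to pay
    unguarded = bid(EXAMPLE, LANDED_AT)                     # current code: silently pays 900
    try:
        guarded = bid(EXAMPLE, LANDED_AT, max_bid=quoted)   # recommended code: reverts
    except ValueError as exc:
        guarded = str(exc)
    return {"quoted": quoted, "unguarded": unguarded, "guarded": guarded}
```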