code-423n4 / 2021-09-yaxis-findings

Gas: Timestamp in router swap can be hardcoded #125

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

cmichel

Vulnerability details

When doing swaps with a Uniswap router from within a contract, there's no need to compute any offset from the current block for the deadline parameter. The router just checks if deadline >= block.timestamp.

See BaseStrategy._swapTokens which does an unnecessary block.timestamp read and another unnecessary addition of 1800.

Recommended Mitigation Steps

The most efficient way to provide deadlines for a router swap is to use a hardcoded value that is far in the future, for example, 1e10.
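The two deadline styles discussed in this finding, side by side, as an added example that is not part of the original issue or the yAxis code base. It assumes a Uniswap V2-style router and that token approvals are handled elsewhere; the contract and function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Subset of the Uniswap V2 router interface. The router guards this call with
//   require(deadline >= block.timestamp, 'UniswapV2Router: EXPIRED');
interface IRouter {
    function swapExactTokensForTokens(
        uint256 amountIn,
        uint256 amountOutMin,
        address[] calldata path,
        address to,
        uint256 deadline
    ) external returns (uint256[] memory amounts);
}

// Hypothetical strategy contract used only to contrast the two variants.
contract SwapDeadlineExample {
    IRouter public immutable router;

    // 1e10 seconds after the Unix epoch falls in the year 2286.
    uint256 private constant FAR_FUTURE_DEADLINE = 1e10;

    constructor(IRouter _router) {
        router = _router;
    }

    // Before: reads block.timestamp and adds 1800 on every swap.
    // The router compares the result against the same block.timestamp in
    // the same transaction, so the check can never fail.
    function swapWithOffset(uint256 amountIn, uint256 minOut, address[] calldata path)
        external
        returns (uint256[] memory)
    {
        return router.swapExactTokensForTokens(
            amountIn, minOut, path, address(this), block.timestamp + 1800
        );
    }

    // After: a compile-time constant satisfies the same check without the
    // timestamp read or the addition.
    // Neither variant bounds how long the transaction may stay pending;
    // price protection comes from minOut in both cases.
    function swapWithConstant(uint256 amountIn, uint256 minOut, address[] calldata path)
        external
        returns (uint256[] memory)
    {
        return router.swapExactTokensForTokens(
            amountIn, minOut, path, address(this), FAR_FUTURE_DEADLINE
        );
    }
}
```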

Haz077 commented 2 years ago

Added in code-423n4/2021-09-yaxis#18

GalloDaSballo commented 2 years ago

Sponsor does acknowledge and has mitigated

Not sure why they are using 1e10 when now would work (may be the case of avoiding a listing message)