immutable variables `fee` and `protocolFee` are unbounded

[code423n4]

Handle

Dravee

Vulnerability details

In TimeswapFactory and TimeswapPair: immutable variables fee and protocolFee aren't bounded. It could get troublesome for users in the case of malicious/faulty governor contract.

• https://github.com/code-423n4/2022-01-timeswap/blob/5960e07d39f2b4a60cfabde1bd51f4b1e62e7e85/Timeswap/Timeswap-V1-Core/contracts/TimeswapPair.sol#L114-L115
• https://github.com/code-423n4/2022-01-timeswap/blob/5960e07d39f2b4a60cfabde1bd51f4b1e62e7e85/Timeswap/Timeswap-V1-Core/contracts/TimeswapFactory.sol#L40-L41

Recommended Mitigation Steps

Set a max fee and a max protocolFee

[amateur-dev]

Similar issue reported over here #33; hence closing this issue