code-423n4 / 2023-05-juicebox-findings


No deadline for swaps #272

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-05-juicebox/blob/9d0458282511ff269b3b35b5b082b56d5cc08663/juice-buyback/contracts/JBXBuybackDelegate.sol#L258-L326

Vulnerability details

Impact

No deadline for swaps allows transactions to be executed later, unfavourably or maliciously.

Proof of Concept

When tokens are to be swapped rather than minted, slippage is controlled in uniswapV3SwapCallback() by _minimumAmountReceived, which is calculated from the _quote and _slippage provided in _metadata. If the transaction remains pending for a long time, these slippage parameters might become outdated, resulting in a bad trade for the user. This could then also be exploited with a sandwich attack by an MEV bot.

Recommended Mitigation Steps

Pass a deadline in _metadata which, if passed, reverts in _swap().

Assessed type

Invalid Validation
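
A sketch of the mitigation recommended in the report above, added here as an example and not taken from the issue or from JBXBuybackDelegate.sol. The `(quote, slippage, deadline)` metadata layout, the basis-point `SLIPPAGE_DENOMINATOR`, and every contract, function and error name are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.16;

/// Added sketch, not code from JBXBuybackDelegate. The metadata layout
/// (quote, slippage, deadline) and SLIPPAGE_DENOMINATOR are assumptions.
contract DeadlineGuardSketch {
    uint256 public constant SLIPPAGE_DENOMINATOR = 10_000; // assumed: basis points

    error SwapDeadlinePassed(uint256 deadline, uint256 currentTime);
    error SlippageTooHigh(uint256 slippage);
    error InsufficientOutput(uint256 minimum, uint256 received);

    /// Decode the payer-supplied bounds and reject a swap that is mined too late.
    /// Returns the minimum output that the swap callback should enforce.
    function checkBounds(bytes calldata metadata)
        public
        view
        returns (uint256 minimumAmountReceived)
    {
        (uint256 quote, uint256 slippage, uint256 deadline) =
            abi.decode(metadata, (uint256, uint256, uint256));

        // Deadline first: once the quote is stale, the slippage bound derived
        // from it no longer reflects the market the payer agreed to.
        if (block.timestamp > deadline) {
            revert SwapDeadlinePassed(deadline, block.timestamp);
        }

        // Keep the subtraction below from underflowing on slippage above 100%.
        if (slippage > SLIPPAGE_DENOMINATOR) revert SlippageTooHigh(slippage);

        minimumAmountReceived = quote - (quote * slippage) / SLIPPAGE_DENOMINATOR;
    }

    /// Called where the swap output is known, for example in the swap callback.
    function enforceMinimum(uint256 minimumAmountReceived, uint256 amountReceived)
        public
        pure
    {
        if (amountReceived < minimumAmountReceived) {
            revert InsufficientOutput(minimumAmountReceived, amountReceived);
        }
    }
}
```
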

c4-pre-sort commented 1 year ago

dmvt marked the issue as duplicate of #6

dmvt commented 1 year ago

Invalid. See comment on #6 regarding why this is not really an issue.

c4-judge commented 1 year ago

dmvt marked the issue as unsatisfactory: Invalid