Open code423n4 opened 1 year ago
bytes032 marked the issue as low quality report
bytes032 marked the issue as primary issue
bytes032 marked the issue as duplicate of #898
bytes032 marked the issue as sufficient quality report
GalloDaSballo changed the severity to QA (Quality Assurance)
GalloDaSballo marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/amo/UniV3LiquidityAmo.sol#L289-L299
Vulnerability details
Impact
If the transaction gets stalled in the mempool it can can get executed at an inappropriate moment.
Proof of Concept
The Uniswap V3 AMO integrates Uniswap to provide liquidity and to execute swaps. The issue arises due to the protocol using an arbitrary timetamp in the future instead of an actual one that will protect the protocol from getting damaged due to precision loss.
Tools Used
Manual review
Recommended Mitigation Steps
Consider swapping the timestamp with a value passed as params.
Assessed type
Uniswap