Without a deadline check, attackers can exploit the lack of time constraints, allowing them to observe transactions in the mempool and opportunistically submit their transactions with higher gas fees to get prioritized. In the context of automated market makers (AMMs) like Uniswap, this could lead to attackers getting more favorable swap rates at the expense of legitimate users.
Users executing swaps might experience unexpected behavior if the transaction execution occurs at a time different from what they intended. This lack of predictability can erode user trust in the functionality of the smart contract.
Proof of Concept
Missing the deadline check exposes Alice to the risk of front-running by Mallory. Mallory exploits the absence of a time constraint, manipulating the transaction order and securing a better rate for the ZetaToken. As a result, Alice experiences a less advantageous outcome than she initially anticipated.
Scenario:
Alice decides to swap 1 ETH for ZetaToken using a Zetachain with the following parameters:
*Source Token: 1 ETH
Destination Token: ZetaToken
Minimum Amount Out: Specified by Alice
Destination Address: Alice's wallet address***
Alice Initiates Swap:
Alice creates a transaction to swap 1 ETH for ZetaToken.
She specifies her wallet address as the destination to receive ZetaToken.
No Deadline Check:
The smart contract lacks a deadline check, allowing transactions to be processed without a time constraint.
Mallory's Front-Running Attack:
Mallory, a malicious actor, monitors pending transactions on the network.
Seeing Alice's transaction without a deadline, Mallory quickly submits a transaction with a higher gas fee, front-running Alice's swaps
Priority for Mallory:
Miners prioritize transactions with higher gas fees, and Mallory's transaction gets picked up first due to the elevated gas fee.
Unfavorable Outcome for Alice:
Mallory's transaction executes at a more favorable rate for ZetaToken due to the front-running advantage.
Alice's swap, now processed at a different rate, results in her receiving fewer ZetaTokens than expected.
This scenario emphasizes the importance of implementing a deadline check in smart contracts handling token swaps. By enforcing a reasonable deadline, developers can mitigate the risk of front-running attacks, providing users like Alice with a more secure and predictable trading experience.
Tools Used
Github, Manual review
Recommended Mitigation Steps
Implementing a robust deadline check is crucial to mitigating these risks. The smart contract should ensure that the provided deadline is in the future, providing a reasonable window for transaction execution. Additionally, users should be educated about the importance of setting realistic deadlines to align with their trading expectations
Lines of code
https://github.com/code-423n4/2023-11-zetachain/blob/2834e3f85b2c7774e97413936018a0814c57d860/repos/protocol-contracts/contracts/evm/tools/ZetaTokenConsumerUniV2.strategy.sol#L34
Vulnerability details
Impact
Without a deadline check, attackers can exploit the lack of time constraints, allowing them to observe transactions in the mempool and opportunistically submit their transactions with higher gas fees to get prioritized. In the context of automated market makers (AMMs) like Uniswap, this could lead to attackers getting more favorable swap rates at the expense of legitimate users. Users executing swaps might experience unexpected behavior if the transaction execution occurs at a time different from what they intended. This lack of predictability can erode user trust in the functionality of the smart contract.
Proof of Concept
Missing the deadline check exposes Alice to the risk of front-running by Mallory. Mallory exploits the absence of a time constraint, manipulating the transaction order and securing a better rate for the ZetaToken. As a result, Alice experiences a less advantageous outcome than she initially anticipated.
*Source Token: 1 ETH Destination Token: ZetaToken Minimum Amount Out: Specified by Alice Destination Address: Alice's wallet address***
Alice creates a transaction to swap 1 ETH for ZetaToken. She specifies her wallet address as the destination to receive ZetaToken.
The smart contract lacks a deadline check, allowing transactions to be processed without a time constraint.
Mallory, a malicious actor, monitors pending transactions on the network. Seeing Alice's transaction without a deadline, Mallory quickly submits a transaction with a higher gas fee, front-running Alice's swaps
Miners prioritize transactions with higher gas fees, and Mallory's transaction gets picked up first due to the elevated gas fee.
Mallory's transaction executes at a more favorable rate for ZetaToken due to the front-running advantage. Alice's swap, now processed at a different rate, results in her receiving fewer ZetaTokens than expected.
This scenario emphasizes the importance of implementing a deadline check in smart contracts handling token swaps. By enforcing a reasonable deadline, developers can mitigate the risk of front-running attacks, providing users like Alice with a more secure and predictable trading experience.
Tools Used
Github, Manual review
Recommended Mitigation Steps
Assessed type
Timing