Without a deadline,transaction might execute at an unexpected time when the price is significantly different, leading to higher slippage and unfavorable execution. this will lead to swap results which are very different from the quote value.
Proof of Concept
Lets say that a user intends to swap base for underlying using the swapExactIn. since there is no deadline check that ensures that the swap occurs within a set timeframe in which the swap is favorable to them, the transaction may occur at much less favorable conditions maybe due to price change, or as slippage tends to its maximum value.
Lines of code
https://github.com/code-423n4/2024-05-predy/blob/a9246db5f874a91fb71c296aac6a66902289306a/src/settlements/UniswapSettlement.sol#L22 https://github.com/code-423n4/2024-05-predy/blob/a9246db5f874a91fb71c296aac6a66902289306a/src/settlements/UniswapSettlement.sol#L38
Vulnerability details
Impact
Without a deadline,
transaction
might execute at an unexpected time when the price is significantly different, leading tohigher slippage
and unfavorable execution. this will lead to swap results which are very different from thequote value
.Proof of Concept
Lets say that a
user
intends to swap base for underlying using theswapExactIn
. since there is no deadline check that ensures that the swap occurs within a settimeframe
in which the swap is favorable to them, the transaction may occur at much less favorable conditions maybe due to price change, or as slippage tends to its maximum value.Tools Used
Manual review
Recommended Mitigation Steps
Implement deadline parameter and deadline checks.
Assessed type
DoS