sherlock-audit / 2023-12-flatmoney-judging

the-first-elder - Keepers can select transactions based on keeper fee #114

Closed sherlock-admin2 closed 8 months ago

sherlock-admin2 commented 8 months ago

the-first-elder

high

Keepers can select transactions based on keeper fee

Summary

Keepers have the capability to prioritize transactions according to the keeper fee associated with them, often favoring transactions with higher keeper fees.

Vulnerability Detail

This preference for higher keeper fees can result in an accumulation of slow and pending transactions within the protocol.

Impact

Consequently, users who have placed limit or leverage orders may experience situations where their transactions remain unfulfilled due to prolonged processing times. This delay may compel users to cancel their transactions as they reach the maximum allowable transaction duration, potentially resulting in missed profit opportunities for the users and the protocol.

Code Snippet

https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/DelayedOrder.sol#L67

https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/DelayedOrder.sol#L109

https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/DelayedOrder.sol#L160

https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/DelayedOrder.sol#L217

https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/DelayedOrder.sol#L317

Tool used

Manual Review

Recommendation

Keeper fee should be a constant to mitigate the aforementioned vulnerabilities and ensure fair and efficient transaction processing within the protocol.

sherlock-admin commented 8 months ago

1 comment(s) were left on this issue during the judging contest.

takarez commented:

invalid

nevillehuang commented 8 months ago

Invalid, keepers are permissionless, users announcing orders can simply be keepers themselves executing orders, so this doesn't apply.