Potential Fee Calculation Exploit in AMM Due to Infrequent Timestamp Updates
Summary
The _getAMMFeeInBips function calculates the AMM's dynamic trading fees based on the elapsed time since the lastProcessedSignatureTimestamp. This timestamp is only updated when a HOT swap occurs under specific conditions (e.g., the swap involves a discount). If these conditions are infrequently met, the timestamp remains outdated, potentially allowing users to exploit the system by timing their trades to coincide with periods of maximum fee growth, thus impacting the fairness and efficiency of the fee mechanism.
Vulnerability Detail
In the smart contract, the dynamic fee is calculated linearly based on the time elapsed since the last HOT swap that updated the lastProcessedSignatureTimestamp. This design assumes regular updates to the timestamp during typical operations. However, if HOT swaps that update the timestamp are rare, it may lead to scenarios where the fee either grows unchecked or does not reflect current market conditions.
Impact
The primary risk involves potential manipulation of the fee system by users who understand the dependency on the lastProcessedSignatureTimestamp. They could potentially wait until the fee reaches its maximum due to prolonged inactivity in timestamp updates and then execute trades, taking advantage of potentially higher rewards or other system incentives tied to higher fees.
Regular Updates: Ensure that the lastProcessedSignatureTimestamp is updated more regularly and does not solely depend on specific types of swaps in this case "isDiscountedHot" swaps.
0xrobsol
high
Potential Fee Calculation Exploit in AMM Due to Infrequent Timestamp Updates
Summary
The _getAMMFeeInBips function calculates the AMM's dynamic trading fees based on the elapsed time since the lastProcessedSignatureTimestamp. This timestamp is only updated when a HOT swap occurs under specific conditions (e.g., the swap involves a discount). If these conditions are infrequently met, the timestamp remains outdated, potentially allowing users to exploit the system by timing their trades to coincide with periods of maximum fee growth, thus impacting the fairness and efficiency of the fee mechanism.
Vulnerability Detail
In the smart contract, the dynamic fee is calculated linearly based on the time elapsed since the last HOT swap that updated the lastProcessedSignatureTimestamp. This design assumes regular updates to the timestamp during typical operations. However, if HOT swaps that update the timestamp are rare, it may lead to scenarios where the fee either grows unchecked or does not reflect current market conditions.
Impact
The primary risk involves potential manipulation of the fee system by users who understand the dependency on the lastProcessedSignatureTimestamp. They could potentially wait until the fee reaches its maximum due to prolonged inactivity in timestamp updates and then execute trades, taking advantage of potentially higher rewards or other system incentives tied to higher fees.
Code Snippet
https://github.com/sherlock-audit/2024-03-arrakis/blob/main/valantis-hot/src/HOT.sol#L825-L827
https://github.com/sherlock-audit/2024-03-arrakis/blob/main/valantis-hot/src/HOT.sol#L974-L989
Tool used
Manual Review
Recommendation
Regular Updates: Ensure that the lastProcessedSignatureTimestamp is updated more regularly and does not solely depend on specific types of swaps in this case "isDiscountedHot" swaps.