Nyx
Medium
Keepers can lose compensation fee
Summary
Vulnerability Detail
When the keeper fulfills the order, they receive a compensation fee from the order owner. The user specifies a maxFee in the order. The _handleKeeperFee function calculates the fee for the compensation, and the keeper receives the lesser of the calculated fee or the maxFee set by the user.
The problem is that the user can front-run the keeper's transaction and change the maxFee to 0 to grief the keeper.
https://github.com/sherlock-audit/2024-08-perennial-v2-update-3/blob/main/perennial-v2/packages/perennial-order/contracts/Manager.sol#L76-L78
The user can call the placeOrder function using the same orderId as before and modify the order with a lower maxFee amount.
Impact
The keeper can lose a fee.
Code Snippet
POC:
Manager_Arbitrum.ts
Tool used
Manual Review
Recommendation
Add a minimum fee parameter to the executeOrder function to ensure that the compensation fee is not less than what keepers want.
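The following added example (not code from Manager.sol or from the report's PoC) models the recommendation in TypeScript: a simplified in-memory order manager in which executeOrder takes a keeper-supplied minFee and reverts when the payable fee falls below it. ManagerModel, replay, keeperPaid, the calculatedFee argument and the sample values are assumptions made for illustration; only placeOrder, executeOrder, maxFee and _handleKeeperFee come from the report.

```typescript
// Simplified in-memory model of the order manager (added example, not Manager.sol).
// Names other than placeOrder, executeOrder and maxFee are hypothetical.
type Order = { maxFee: number; executed: boolean };

class ManagerModel {
  private orders = new Map<string, Order>();
  keeperPaid = 0;

  // As described in the report: reusing an orderId replaces the stored order.
  placeOrder(account: string, orderId: number, maxFee: number): void {
    this.orders.set(`${account}:${orderId}`, { maxFee, executed: false });
  }

  // Keeper call. calculatedFee stands in for the result of _handleKeeperFee.
  // minFee = 0 reproduces the reported behaviour; minFee > 0 is the recommended guard.
  executeOrder(account: string, orderId: number, calculatedFee: number, minFee = 0): number {
    const order = this.orders.get(`${account}:${orderId}`);
    if (!order || order.executed) throw new Error("order not executable");
    const fee = Math.min(calculatedFee, order.maxFee);
    if (fee < minFee) throw new Error("keeper fee below minFee"); // revert, no state change
    order.executed = true;
    this.keeperPaid += fee;
    return fee;
  }
}

// Replays the ordering from the report: the keeper sees maxFee = 10, the owner's
// replacement with maxFee = 0 lands first, then the keeper's transaction runs.
function replay(minFee: number): { paid: number; reverted: boolean } {
  const m = new ManagerModel();
  m.placeOrder("user", 1, 10); // constructed sample values
  m.placeOrder("user", 1, 0);  // same orderId, lower maxFee
  try {
    m.executeOrder("user", 1, 7, minFee);
    return { paid: m.keeperPaid, reverted: false };
  } catch {
    return { paid: m.keeperPaid, reverted: true };
  }
}
```

With minFee = 0 the order executes and the keeper is paid 0; with minFee = 5 the call reverts and the order stays unexecuted, so the keeper does not fulfill it for less than they accepted.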