Venus Protocol Isolated Pools - BugBusters's results

Earn, Borrow & Lend on the #1 Decentralized Money Market on the BNB Chain

General Information

Platform: Code4rena

Start Date: 08/05/2023

Pot Size: $90,500 USDC

Total HM: 17

Participants: 102

Period: 7 days

Judge: 0xean

Total Solo HM: 4

Id: 236

League: ETH

Venus Protocol

Researcher Performance

Rank: 25/102

Findings: 1

Award: $732.00

🌟 Selected for report: 0

🚀 Solo Findings: 0

Findings Information

🌟 Selected for report: 0xnev

Also found by: 0xStalin, BugBusters, chaieth

Labels

bug
2 (Med Risk)
satisfactory
duplicate-167

Awards

731.996 USDC - $732.00

External Links

Lines of code

https://github.com/code-423n4/2023-05-venus/blob/8be784ed9752b80e6f1b8b781e2e6251748d0d7e/contracts/RiskFund/RiskFund.sol#L265

Vulnerability details

Impact

`RiskFund` passes `block.timestamp` as the `deadline` argument of PancakeSwap's `swapExactTokensForTokens`. Because `block.timestamp` is read inside the transaction, it always equals the moment the swap executes, so the router's `deadline >= block.timestamp` check can never fail: the "deadline" offers no protection at all. Consequences:

1. No staleness protection: the transaction can sit in the mempool for an arbitrary period, for example during network congestion or while a validator holds it back, and still execute long after it was submitted at whatever price prevails then. A real deadline would revert a stale swap; this one never does.

2. Front-running / sandwiching: because the swap stays valid indefinitely, an MEV searcher can choose the moment at which it executes and sandwich it. The only floor on the outcome is the `amountOutMin` passed alongside, so the protocol can receive materially less than the market value of the assets it swaps.

Proof of Concept

    // RiskFund.sol: the deadline argument is block.timestamp, i.e. the time the
    // swap itself executes, so the router's expiry check always passes.
    uint256[] memory amounts = IPancakeswapV2Router(pancakeSwapRouter).swapExactTokensForTokens(
        balanceOfUnderlyingAsset,
        amountOutMin,
        path,
        address(this),
        block.timestamp
    );

Tools Used

Manual review

Recommended Mitigation Steps

Let the caller of `swapPoolAssets` supply a `deadline` parameter (a timestamp chosen when the transaction is built, a few minutes ahead of submission) and forward it to PancakeSwap's `swapExactTokensForTokens` instead of `block.timestamp`, so that a swap that is not mined within that window reverts rather than executing late.
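As an added illustration (not code from the Venus repository or from this finding), the vulnerable pattern and the recommended mitigation side by side, together with a minimal stand-in router that reproduces only the deadline check a PancakeSwap/Uniswap V2 router performs. The `IPancakeswapV2Router` signature matches the real router; `MockRouter`, `SwapperNoDeadline`, `SwapperWithDeadline` and the 20-minute `MAX_DEADLINE_WINDOW` are assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Added example, not Venus Protocol code. Only the router interface mirrors the
// real PancakeSwap V2 router; everything else here is a stand-in for illustration.
interface IPancakeswapV2Router {
    function swapExactTokensForTokens(
        uint256 amountIn,
        uint256 amountOutMin,
        address[] calldata path,
        address to,
        uint256 deadline
    ) external returns (uint256[] memory amounts);
}

// Hypothetical router that reproduces the one line that matters here: the real
// router's `ensure(deadline)` modifier, which reverts once the deadline has passed.
contract MockRouter is IPancakeswapV2Router {
    function swapExactTokensForTokens(
        uint256 amountIn,
        uint256 amountOutMin,
        address[] calldata path,
        address,
        uint256 deadline
    ) external view override returns (uint256[] memory amounts) {
        require(deadline >= block.timestamp, "PancakeRouter: EXPIRED");
        require(path.length >= 2, "invalid path");
        // Pretend the pool returns exactly the caller's minimum; price impact is out of scope.
        amounts = new uint256[](path.length);
        amounts[0] = amountIn;
        amounts[path.length - 1] = amountOutMin;
    }
}

// Vulnerable pattern (what the finding points at): the deadline is computed inside
// the transaction, so it always equals execution time and EXPIRED can never
// trigger. A swap submitted at 12:00 still executes at 14:00 if it is only mined
// then; the sole floor on the outcome is amountOutMin.
contract SwapperNoDeadline {
    IPancakeswapV2Router public immutable router;

    constructor(IPancakeswapV2Router _router) {
        router = _router;
    }

    function swap(uint256 amountIn, uint256 amountOutMin, address[] calldata path)
        external
        returns (uint256[] memory)
    {
        return router.swapExactTokensForTokens(amountIn, amountOutMin, path, address(this), block.timestamp);
    }
}

// Hardened pattern (the recommended mitigation): the caller chooses the deadline
// when building the transaction and it is forwarded unchanged, so a stale
// transaction reverts instead of executing late at a worse price.
contract SwapperWithDeadline {
    IPancakeswapV2Router public immutable router;
    // Assumed upper bound so a caller cannot neutralise the check with a far-future value.
    uint256 public constant MAX_DEADLINE_WINDOW = 20 minutes;

    constructor(IPancakeswapV2Router _router) {
        router = _router;
    }

    function swap(
        uint256 amountIn,
        uint256 amountOutMin,
        address[] calldata path,
        uint256 deadline
    ) external returns (uint256[] memory) {
        // Check locally as well, so the revert reason does not depend on the router.
        require(deadline >= block.timestamp, "swap: stale transaction");
        require(deadline <= block.timestamp + MAX_DEADLINE_WINDOW, "swap: deadline too far out");
        return router.swapExactTokensForTokens(amountIn, amountOutMin, path, address(this), deadline);
    }
}
```

Deploy `MockRouter` and both swappers on a local chain, send a `SwapperNoDeadline.swap` transaction and advance the chain clock by an hour before mining it: it still succeeds. Send `SwapperWithDeadline.swap` with `deadline = now + 5 minutes` and mine it after that point: it reverts with `swap: stale transaction`, which is the behaviour the mitigation is meant to restore.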

Assessed type

Other

#0 - c4-judge

2023-05-18T10:33:54Z

0xean marked the issue as duplicate of #167

#1 - c4-judge

2023-06-05T14:15:35Z

0xean marked the issue as satisfactory

AuditHub, a portfolio for auditors, a security profile for protocols, a hub for web3 security. Built by malatrax © 2024
