Missing expiration time check in the fillOffer
function
Description
The contracts support a quarterly buyback mechanism where users (particularly large investors or institutions) can deposit USDz along with an asking price. Users must set a minimum lock time (expirationTime
) for their offer. The current implementation allows users to cancel their offer and withdraw USDz once the expirationTime
has passed. However, the fillOffer
function does not check whether an offer has expired before attempting to fulfill it.
If a stale order (an order past its expirationTime
) is filled, this can lead to incorrect or unintended protocol behavior.
Impact
Fulfilling a stale order can create inconsistencies and potential financial risks for users and the protocol. While most users are expected to set their offer price at 1 USDC, this issue may affect users setting prices lower than 1 USDC.
Recommendations
Add an expirationTime
check to the fillOffer
function to ensure that only valid, non-expired offers are filled. This change aligns with the expected protocol behavior and safeguards against filling stale orders.
Remediation
This issue has been acknowledged by Anzen Labs Inc., and a fix was implemented in commit b04094a9↗.