Description

In various input protobufs, the Deadline parameter ensures that a user's transaction, if not executed by the deadline, is canceled. However, the enforcement of the deadline is inconsistent:

// AddLiquidity
Assert(input.Deadline >= Context.CurrentBlockTime, "Expired.");

// RemoveLiquidity
Assert(input.Deadline.Seconds >= Context.CurrentBlockTime.Seconds, "Expired");

// SwapExactTokensForTokens
Assert(input.Deadline >= Context.CurrentBlockTime, "Expired");

// SwapTokensForExactTokens
Assert(input.Deadline.Seconds >= Context.CurrentBlockTime.Seconds, "Expired");

// SwapExactTokensForTokensSupportingFeeOnTransferTokens
Assert(input.Deadline.Seconds >= Context.CurrentBlockTime.Seconds, "Expired");

Impact

If a request is executed within a second of its deadline, whether it is ultimately executed may depend on the nanoseconds in the timestamps, depending on the exact call. This is not a significant impact, but these should be made consistent.

Recommendations

We recommend selecting either comparing the seconds or comparing the dates (with nanosecond precision) across all the actions.

Remediation

This issue has been acknowledged by Awaken Finance, and a fix was implemented in commit 1eeef4bf↗.