Variable DEX deploy price creates arbitrage opportunity

When a purchase on the bonding curve causes the real ETH reserves to exceed a preset constant $.config.dexThreshold, the purchase will cause the DEX to be deployed immediately afterwards. This means that the price at which the PondFun contract provides liquidity at is dependent on the size of the last buy that exceeds the dexThreshold. Since this price is controllable, and directly affects the amount of real value burned by the protocol (the burnt LP tokens) to add permanent liquidity to the pair, this means that an arbitrageur can take most of that real value themselves.

This arbitrage would look like a user buying up the entire supply on the bonding curve, using an amount of ETH much higher than the dexThreshold limit, and then selling the extra tokens back after the protocol deploys the token on the real DEX, earning a profit.

Instead of allowing the last buyer to purchase tokens on the bonding curve above the dexThreshold, we recommend either reducing the size of the last buyer's purchase and returning the rest of the ETH with the DEX deploy, or executing the purchase by buying only up to the dexThreshold on the bonding curve and then buying the rest on the real DEX after the deploy - with the slippage guarantee still checked on the sum of the purchased tokens. This will ensure that tokens will not be sold at an inappropriate price above the dexThreshold.

PondFun remediated this by executing the remainder of the last buyer's purchase on the real DEX after it is deployed.