Curly Eggplant Bee
Medium
The absence of a deadline check in unstakeAndRemoveLP will cause gas waste and fund lockup for users as network congestion can result in transactions executing after the deadline expires.
In unstakeAndRemoveLP, there is no validation of the _deadline parameter before initiating token transfers and unstaking operations. The deadline is only enforced in the downstream removeLiquidityV2 call, allowing transactions to proceed even if the deadline has expired.
Users must submit transactions with a _deadline that could expire before mining
Ethereum network congestion causes delayed transaction mining
User calls unstakeAndRemoveLP with _deadline = block.timestamp + 10 minutes.
Network congestion delays mining by 15 minutes.
Token transfers and unstaking occur, but removeLiquidityV2 reverts due to an expired deadline.
User’s tokens are locked in the contract until manually refunded.
- Users suffer gas waste (500k gas ≈ $50) and temporary loss of access to transferred tokens.
- Protocol accumulates dust tokens, complicating accounting and creating potential attack surfaces.
No response
No response