Incorrect "deadline" field description in IERC20Permit
0xVolosnikov opened this issue · 4 comments
This line states that deadline must be in the future
However, in fact, the current timestamp can also be used.
Using the current timestamps works if you can
- sign the message
- put it in a transaction
- sign the transaction
- broadcast the transaction
- get the transaction included in a block
All in under one seconds.
So yes, that is theoretically possible, but in practice very unrealistic. I'm not sure anyone should ever assume that all that could happen that fast. For sure I would not encourage anyone do that.
How would you rewrite this line?
Maybe something like "must be a timestamp in the future or at the time the function is called"?
Also this scenario can be simpler: the transaction can simply be included in the block with this timestamp for some reason (especially on "slow" blockchains)
the transaction can simply be included in the block with this timestamp for some reason (especially on "slow" blockchains)
That is what I'm saying above. You need to:
- get the timestamp and use it in a structure
- the signature of the EIP712 data,
- wrap that in a transaction,
- sign the transaction,
- broadcast the transaction
- get that into a block (miner/validator preparing the block) ... with the same timestamp that you got ... so all the above steps need to be in the same timestamp (second?)
If the blockchain is "slow", that last point does not happens very often. Its once every 12 seconds on mainnet. The slower the chain, the less likelly it is that a block will be produce at the same second, and that to work.
Again, I think its unrealistic that anyone would ever sign a Permit with a deadline less than 1 minute in the future.
You are right that this is not a normal and is a rare event