Possible to frontrun with `escrow_info.amount`?
Aphoh opened this issue · 2 comments
Hey there!
Thanks for this tutorial. It's been super helpful. I'm trying to understand whether it's possible to do the same frontrunning attack you describe but on token Y instead of token X:
In `process_exchange` we check that the number of tokens in the `pdas_temp_token_account` matches the `amount_expected_by_taker` so that Alice can't frontrun by cancelling, making a new escrow account with the same address, and filling `pdas_temp_token_account` with fewer tokens than in the original escrow account.
However, if Bob passes a `takers_sending_token_account` for token Y that holds more than `escrow_info.expected_amount` (ex: all his holdings of Y, 200 tokens when `escrow_info.expected_amount` is only 100), couldn't Alice do the same frontrun technique, creating a new escrow account with the same number of tokens in `pdas_temp_token_account`, but this time setting a new `escrow_info.expected_amount` (increasing it to, say, 200), in order to take all of Bob's token Y?
Putting the amount Bob expects to send out of `takers_sending_token_account` would fix this, no? Is the responsibility on Bob to make his own 'temp token Y account' that holds only what he reads in `escrow_info.expected_amount` or is this something that should really be baked into the program?
Again, thank you for the wonderful tutorial.
Hi @Aphoh! Thanks for the kind words.
I agree. If cancel was implemented, what you described would be possible. I've updated the blog to reflect that!
I'm posting blog updates on Twitter from time to time. If you give me your handle I will credit you there!
@paul-schaaf Cool! I don't use Twitter that much but feel free to credit me at the handle "@windwardwill"
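The check proposed in this issue, as an added example that is not part of the thread or the tutorial's program: a simplified in-memory Rust model in which the taker also passes the amount of token Y he agreed to send. `Escrow`, `ExchangeError`, `amount_taker_expects_to_send` and the 50-token X amount are assumptions made for illustration.

```rust
// Simplified model of the escrow exchange (no Solana runtime, no real accounts).
// `amount_taker_expects_to_send` is a hypothetical extra instruction argument.

#[derive(Debug, PartialEq)]
enum ExchangeError {
    ExpectedAmountMismatch, // token X in the temp account differs from what Bob expects
    TakerAmountMismatch,    // escrow asks for a different token Y amount than Bob agreed to
    InsufficientFunds,      // Bob's token Y account cannot cover the escrow's price
}

struct Escrow {
    expected_amount: u64,    // token Y the initializer wants (escrow_info.expected_amount)
    temp_token_balance: u64, // token X held in pdas_temp_token_account
}

/// Returns (token Y debited from Bob, token X credited to Bob) on success.
fn process_exchange(
    escrow: &Escrow,
    taker_sending_balance: u64,
    amount_expected_by_taker: u64,
    amount_taker_expects_to_send: u64,
) -> Result<(u64, u64), ExchangeError> {
    // Check described in the issue: pins the token X side of the trade.
    if escrow.temp_token_balance != amount_expected_by_taker {
        return Err(ExchangeError::ExpectedAmountMismatch);
    }
    // Proposed check: pins the token Y side, so a recreated escrow with a
    // larger expected_amount is rejected instead of draining Bob's account.
    if escrow.expected_amount != amount_taker_expects_to_send {
        return Err(ExchangeError::TakerAmountMismatch);
    }
    if taker_sending_balance < escrow.expected_amount {
        return Err(ExchangeError::InsufficientFunds);
    }
    Ok((escrow.expected_amount, escrow.temp_token_balance))
}

fn main() {
    // Constructed scenario: Bob holds 200 Y and signed for "50 X in exchange for 100 Y".
    let original = Escrow { expected_amount: 100, temp_token_balance: 50 };
    // The escrow is recreated at the same address asking for 200 Y before Bob's
    // transaction is processed.
    let replaced = Escrow { expected_amount: 200, temp_token_balance: 50 };
    println!("original: {:?}", process_exchange(&original, 200, 50, 100));
    println!("replaced: {:?}", process_exchange(&replaced, 200, 50, 100));
}
```

Because both sides of the trade are pinned by arguments Bob signs, his transaction either executes on the terms he read or fails, regardless of how many tokens his sending account holds.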