Batch processing of transaction execution and order matching may lead to exchange griefing Batch processing of transaction execution and order matching will iteratively process every transaction and order, which all involve filling.
If the asset being filled does not have enough allowance, the asset’s transferFrom will fail, causing AssetProxyDispatcher to revert.
NoThrow variants of batch processing, which are available for filling orders, are not available for transaction execution and order matching.
So if one transaction or order fails this way, the entire batch will revert and will have to be re-submitted after the reverting transaction is removed.
Short term, implement NoThrow variants for batch processing of transaction execution and order matching. Long term, take into consideration the effect of malicious inputs when implementing functions that perform a batch of operations.
- ToB Audit Ox Protocol Finding 6
- DoS
- Medium Severity
- Batch tx Processing
- One Revert -> Batch Revert
- Nothrow Variant
- Evaluate Batch Risk
- Youtube Reference
- Medium Risk severity finding from ToB’s Audit of 0x Protocol