Location
core/src/exchanges/polymarket/websocket.ts:328
Code
private async ensureInitialized() {
if (this.initializationPromise) return this.initializationPromise;
this.initializationPromise = new Promise<void>((resolve, reject) => {
const WebSocket = require('ws');
this.ws = new WebSocket(POLYMARKET_MARKET_WS_URL);
this.ws.on('open', () => {
resolve();
});Risk
ensureInitialized() is called before every market-channel operation. Its initializationPromise has no timeout. If POLYMARKET_MARKET_WS_URL is unreachable or hangs, the promise never resolves, blocking every call to subscribeTicker(), subscribeOrderBook(), and all market data methods for Polymarket.
Affected Methods
PolymarketWebSocket.ensureInitialized() — called by all market subscription methodssubscribeTicker(), subscribeOrderBook(), subscribeLastTradePrice()
Suggested Fix
const timeout = setTimeout(() => {
this.ws?.terminate();
reject(new Error('Polymarket market WS connection timeout'));
}, 15_000);
this.ws.on('open', () => { clearTimeout(timeout); resolve(); });
this.ws.on('error', (err) => { clearTimeout(timeout); reject(err); });
Found by automated missing timeout audit
Location
core/src/exchanges/polymarket/websocket.ts:328Code
Risk
ensureInitialized()is called before every market-channel operation. ItsinitializationPromisehas no timeout. IfPOLYMARKET_MARKET_WS_URLis unreachable or hangs, the promise never resolves, blocking every call tosubscribeTicker(),subscribeOrderBook(), and all market data methods for Polymarket.Affected Methods
PolymarketWebSocket.ensureInitialized()— called by all market subscription methodssubscribeTicker(),subscribeOrderBook(),subscribeLastTradePrice()Suggested Fix
Found by automated missing timeout audit