The last bidder can't get fund back when quote token has transfer fee #87
Labels: 2 (Med Risk), bug, downgraded by judge, duplicate-47, edited-by-warden, satisfactory
Lines of code
https://github.com/code-423n4/2022-11-size/blob/main/src/SizeSealed.sol#L164
Vulnerability details
Impact
In the 'bid()' function, there is no check that the amount of token actually received is equal to 'quoteAmount'. When the quote token has a transfer fee, the last bidder won't be able to get a refund.
Proof of Concept
Given
Bidder A bids with 100 $TKN, then
Bidder B bids with 100 $TKN, then
Bidder A cancels bid
Bidder B cancels bid
Tools Used
VS Code
Recommended Mitigation Steps
Revert if the amount of token actually received is not equal to 'quoteAmount'.
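The accounting behind the proof of concept and the recommended check, as an added Python model that is not part of the original report and is not the SizeSealed contract's code. The `FeeToken` and `Auction` classes, the 1% fee (100 basis points) and the 100-token starting balances are constructed assumptions.

```python
class FeeToken:
    """Constructed ERC20-like ledger that burns fee_bps of every transfer."""
    def __init__(self, fee_bps):
        self.fee_bps, self.balances = fee_bps, {}

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise RuntimeError("transfer exceeds balance")  # models a revert
        self.balances[src] -= amount
        fee = amount * self.fee_bps // 10_000
        self.balances[dst] = self.balances.get(dst, 0) + amount - fee

class Auction:
    """Hypothetical escrow: credits quote_amount on bid, refunds it on cancel."""
    def __init__(self, token, check_received):
        self.token, self.check_received, self.bids = token, check_received, {}

    def bid(self, bidder, quote_amount):
        snapshot = dict(self.token.balances)
        self.token.transfer(bidder, "auction", quote_amount)
        received = self.token.balances["auction"] - snapshot.get("auction", 0)
        if self.check_received and received != quote_amount:
            self.token.balances = snapshot  # a revert undoes the transfer
            raise RuntimeError("received != quoteAmount")
        self.bids[bidder] = quote_amount  # credited amount, not received amount

    def cancel(self, bidder):
        if bidder not in self.bids:
            raise RuntimeError("no bid")
        self.token.transfer("auction", bidder, self.bids[bidder])
        del self.bids[bidder]

def run_poc(fee_bps, check_received):
    """Replay the page's four steps; return (step log, final balances)."""
    token = FeeToken(fee_bps)
    token.balances = {"A": 100, "B": 100, "auction": 0}
    auction, log = Auction(token, check_received), []
    for action, who in [("bid", "A"), ("bid", "B"), ("cancel", "A"), ("cancel", "B")]:
        try:
            auction.bid(who, 100) if action == "bid" else auction.cancel(who)
            log.append((action, who, "ok"))
        except RuntimeError as err:
            log.append((action, who, f"revert: {err}"))
    return log, token.balances

if __name__ == "__main__":
    for fee, check in [(100, False), (100, True), (0, True)]:
        print(fee, check, *run_poc(fee, check))
```

Without the check, the escrow holds 198 after both bids, pays out 100 to A, and is left with 98 against B's credited 100, so B's cancel reverts. With the check, the fee-charging token is rejected at `bid()` and no balance ever leaves the bidders.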