Sellers can't finalize their auctions by a malicious bidder #93
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-332
satisfactory
satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2022-11-size/blob/706a77e585d0852eae6ba0dca73dc73eb37f8fb6/src/SizeSealed.sol#L269
Vulnerability details
Impact
After the auction was created, bidders can place a bid with the custom
quoteAmount
and encryptedbaseAmount
.When the seller tries to finalize the auction, it doesn't check if the bidder's
baseAmount
is greater than zero so that the finalization can be revert with the division by zero.There is no direct fund loss but I submit as a high risk because all auctions can't be finalized by a malicious bidder.
Proof of Concept
When the seller tries to finalize the auction, it will revert here if a malicious bidder placed a bid with 0
baseAmount
.This is the test to show the scenario.
This is the test result.
Tools Used
Foundry
Recommended Mitigation Steps
We should skip the bidder when the
baseAmount == 0
here.The text was updated successfully, but these errors were encountered: