settleAuction() Check for status errors #582
Labels
2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug: Something isn't working
M-03
primary issue: Highest quality submission among a set of duplicates
satisfactory: satisfies C4 submission criteria; eligible for awards
selected for report: This submission will be included/highlighted in the audit report
sponsor confirmed: Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Lines of code
https://github.com/code-423n4/2023-01-astaria/blob/1bfc58b42109b839528ab1c21dc9803d663df898/src/CollateralToken.sol#L526-L534
Vulnerability details
Impact
ClearingHouse.safeTransferFrom() can execute successfully even if there is no bid.
Proof of Concept
settleAuction is called at the end of the auction and will check if the status is legal
This check seems to be miswritten. The normal logic would be
This causes ClearingHouse.safeTransferFrom() to execute successfully even if there is no bid
Tools Used
Recommended Mitigation Steps