Open code423n4 opened 3 years ago
It is assumed the owner is trustworthy in this version of the protocol; however, we will add mitigations and further decentralization in future updates.
Agree with the finding. Because the warden showed a specific "admin privilege" that DoSes the protocol, the finding is valid and of medium severity.
Handle
goatbug
Vulnerability details
Impact
The auction multiplier can be set to zero by the factory owner. This would stop the auction settling; the function would always revert, causing a safe math error and newRatio to revert.
Proof of Concept
Tools Used
Recommended Mitigation Steps