frank-beard
commented
3 years ago bondTimestamp is a blocknumber, we will fix the naming to make this clear.
https://github.com/code-423n4/2021-09-defiProtocol/blob/main/contracts/contracts/Auction.sol#L58
GalloDaSballo
Handle
goatbug
Vulnerability details
Impact
There are require statements comparing timestamps to blocknumbers.
We cannot assume one block per second, this code would not work on different chains where block times radically differ.
The effect is having processes such as settling Auction in this case, happen far to quickly or slowly.
Proof of Concept
This occurs in Basket and Auction contracts. publishNewIndex changeLicenseFee changePublisher
These functions all also incorrectly rely on block numbers to try implement timelocks. There are no garuntees on block times going forwards with networks. It sh
Tools Used
Recommended Mitigation Steps