search

code-423n4 / 2021-09-defiprotocol-findings

1 stars 0 forks source link

`Auction.sol#bondTimestamp` Misleading name #80

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

WatchPug

Vulnerability details

bondTimestamp is a block number instead of a timestamp.

https://github.com/code-423n4/2021-09-defiProtocol/blob/main/contracts/contracts/Auction.sol#L58

Recommended Mitigation Steps

Consider changing to bondBlockNumber.

GalloDaSballo commented 2 years ago

Agreed