Lines of code
https://github.com/code-423n4/2022-06-nibbl/blob/8c3dbd6adf350f35c58b31723d42117765644110/contracts/NibblVault.sol#L362-L370
Vulnerability details
Impact
A user who owns an amount of the fractionalized ERC20 tokens is able to sell their own tokens to counteract the buyout rejection process. The most malicious way that the buyout candidate can do this is outlined below:
Assume the buyout candidate owns roughly x% of the current supply. The buyout candidate will be referred to as BC.
Buyout initiated at a price of 150 ETH.
Rejection price is set at 165 ETH.
BC monitors buy() transactions in the mempool and sells the corresponding amount of BC's ERC20s in the same block.
Since the TWAV value is updated BEFORE the first transaction in the block, the TWAV will remain at 150 ETH because BC is always selling the price back down to the previous value.
Ideally, BC is only going to sell as many tokens as necessary to push the price just below 165 ETH (e.g. 164 ETH). This way, BC receives the NFT and their tokens also have more value to redeem than the previous valuation of 150 ETH.
Tools Used
Manual review.
Recommended Mitigation Steps
I would recommend not allowing the buyout candidate to sell their own fractionalized tokens, as they obviously want the buyout to succeed. Their sell actions undermine the authority of the rest of the community.
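The following is an added toy simulation, not NibblVault code, that shows why the per-block TWAV observation lets the candidate hold the average under the rejection price, and how the recommended restriction on candidate sells changes the outcome. It assumes a simplified vault: one valuation record per block taken before that block's trades, a TWAV that is the mean of the last WINDOW records, and community buys that raise the valuation by a fixed amount per block; the window size and price steps are invented for illustration.

```python
from collections import deque
from statistics import mean

REJECTION_PRICE = 165  # ETH, rejection price from the report
WINDOW = 4             # assumed number of TWAV observations kept


class BuyoutSim:
    """Toy vault: valuation is recorded once per block, before the block's
    first trade, and the TWAV is the mean of the last WINDOW records."""

    def __init__(self, valuation, candidate, mitigation_enabled):
        self.valuation = valuation
        self.candidate = candidate
        self.mitigation_enabled = mitigation_enabled
        self.obs = deque([valuation], maxlen=WINDOW)

    def twav(self):
        return mean(self.obs)

    def sell(self, who, target_valuation):
        # Recommended mitigation: the buyout candidate may not sell its own
        # fractional tokens while its buyout is pending.
        if self.mitigation_enabled and who == self.candidate:
            raise PermissionError("buyout candidate cannot sell during buyout")
        self.valuation = target_valuation

    def run_block(self, buy_delta, candidate_sells_to):
        self.obs.append(self.valuation)   # record taken BEFORE any trade
        self.valuation += buy_delta       # community buy() pushes price up
        try:
            # BC backruns the buy in the same block, selling to just below 165
            self.sell(self.candidate, candidate_sells_to)
        except PermissionError:
            pass                          # blocked by the mitigation
        return self.twav() >= REJECTION_PRICE   # buyout rejected?


def simulate(mitigation_enabled, blocks=8):
    """Return (rejected, final_twav) after `blocks` blocks of buy pressure."""
    sim = BuyoutSim(150, "BC", mitigation_enabled)
    for _ in range(blocks):
        if sim.run_block(buy_delta=10, candidate_sells_to=164):
            return True, round(sim.twav(), 2)
    return False, round(sim.twav(), 2)


if __name__ == "__main__":
    print("candidate may sell:", simulate(False))   # (False, 164)
    print("candidate blocked: ", simulate(True))    # (True, 165)
```

Without the restriction the TWAV plateaus at 164 ETH and the buyout is never rejected; with it, the community's buys alone carry the TWAV to 165 ETH within four blocks.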
Although this does appear to follow the design as intended, the recommendation here seems compelling to me. I'm going to merge this with the warden's QA report #255