c4-judge
commented
1 year ago 0xean marked the issue as duplicate of #513
Closed code423n4 closed 1 year ago
c4-judge
commented
1 year ago 0xean marked the issue as duplicate of #513
c4-judge
commented
1 year ago 0xean marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-05-venus/blob/main/contracts/Shortfall/Shortfall.sol#L158
Vulnerability details
Impact
Shortfall.sol#placeBiddoes not limit the bid spread. The attacker can increase the price by a small amount each time causing the auction to never stop.Proof of Concept
Tools Used
manual
Recommended Mitigation Steps
limit the bid spread
Assessed type
DoS