code-423n4 / 2023-06-stader-findings


Inconsistency in the bidIncrement #417

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-06-stader/blob/main/contracts/Auction.sol#L151

Vulnerability details

Impact

The person with the same number of bidding tokens can become the highest bidder in some cases, due to variability in the bidIncrement during the auction.

Proof of Concept

The bidIncrement can be changed during the auction due to unchecked calling of the function updateBidIncrement() during the auction. If by mistake the bidIncrement is decreased or set to zero, this will lead to a user bidding the same value becoming the highestBidder.

Recommended Mitigation Steps

A check should be included in the function updateBidIncrement():

        if (block.number <= lotItem.endBlock) revert AuctionNotEnded();

Assessed type

Other
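A constructed Solidity model of the bid check and the recommended guard, added here as an example; it is not part of the finding and not Stader's code. It generalizes the suggested check by recording `lastEndBlock` across all lots, since a single bidIncrement is shared by every lot; every name other than bidIncrement, updateBidIncrement, endBlock, highestBidder and AuctionNotEnded is an assumption.

```solidity
pragma solidity ^0.8.4;

// Constructed, minimal model of the auction flow described in the finding; not Stader's code.
contract BidIncrementDemo {
    struct LotItem {
        uint256 endBlock;
        uint256 highestBidAmount;
        address highestBidder;
        mapping(address => uint256) bids;
    }
    error InSufficientBid();
    error AuctionEnded();
    error AuctionNotEnded();
    error NotManager();

    address public immutable manager;
    uint256 public bidIncrement; // one global value shared by every lot
    uint256 public lastEndBlock; // latest endBlock among all lots created so far
    uint256 public lotCount;
    mapping(uint256 => LotItem) public lots;

    constructor(uint256 _bidIncrement) {
        manager = msg.sender;
        bidIncrement = _bidIncrement;
    }

    function createLot(uint256 duration) external returns (uint256 lotId) {
        lotId = lotCount++;
        lots[lotId].endBlock = block.number + duration;
        if (lots[lotId].endBlock > lastEndBlock) lastEndBlock = lots[lotId].endBlock;
    }

    function addBid(uint256 lotId) external payable {
        LotItem storage lotItem = lots[lotId];
        if (block.number > lotItem.endBlock) revert AuctionEnded();
        uint256 totalUserBid = lotItem.bids[msg.sender] + msg.value;
        // If bidIncrement is lowered to 0 mid-auction, a bid merely equal to the
        // current highest bid passes this check and replaces the leader.
        if (totalUserBid < lotItem.highestBidAmount + bidIncrement) revert InSufficientBid();
        lotItem.bids[msg.sender] = totalUserBid;
        lotItem.highestBidAmount = totalUserBid;
        lotItem.highestBidder = msg.sender;
    }

    // The vulnerable shape is this function without the AuctionNotEnded check:
    // the manager could lower the increment while bids are still being placed.
    function updateBidIncrement(uint256 _bidIncrement) external {
        if (msg.sender != manager) revert NotManager();
        if (block.number <= lastEndBlock) revert AuctionNotEnded();
        bidIncrement = _bidIncrement;
    }
}
```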

c4-judge commented 1 year ago

Picodes changed the severity to QA (Quality Assurance)