search

salvorio / salvor-contracts

0 stars 0 forks source link

[AMR-07M] Inexistent Subtraction of Fee #25

Open HKskn opened 3 months ago

HKskn commented 3 months ago

AMR-07M: Inexistent Subtraction of Fee

Type Severity Location
Logical Fault AssetManager.sol:L342

Description:

The AssetManager::dutchPay function will not capture the fee from the bidder, thereby causing a deficiency in the system.

Impact:

Any Dutch auction will not actually capture the fee from the bidder, permitting them to withdraw it and thus cause the fees accumulated in the AssetManager to not be claimable.

Example:

function dutchPay(address _nftContractAddress, uint256 _tokenId, address bidder, address lender, uint256 bid, uint256 endPrice) external whenNotPaused nonReentrant {
    require(_isPlatformWhitelisted(msg.sender), "not allowed");
    require(biddingWallets[bidder] >= bid, "Insufficient balance");

    IERC721Upgradeable(_nftContractAddress).safeTransferFrom(msg.sender, bidder, _tokenId);

    uint256 fee = _getPortionOfBid(bid - endPrice, 5000);

    pendingFee += fee;

    uint256 transferredAmount = bid - fee;

    emit TransferFrom(bidder, lender, transferredAmount);

    biddingWallets[bidder] -= transferredAmount;
    biddingWallets[lender] += transferredAmount;
}

Recommendation:

We advise the code to properly subtract the full bid amount from the bidder, ensuring that the fee has been properly captured from them.

HKskn commented 3 months ago

Fixed