order.premium is the price of the put option contract paid by the buyer (bear) of the option to the seller of the option (bull).
Vulnerability Detail
Conventionally, the premium should be paid by the option bearer to the option seller (bull) by the time the order is matched.
In the current implementation, the option premium will be transferred to the bear in settleContract() mistakenly.
Impact
This means that, while the option seller (bull) who provides the option is taking the risk of the target NFT's price drops, and actually they did fulfilled the responsibility of buying the NFT at the strike price, will also lose the premium which was meant to be a payment for the responsibility.
nessben
commented
1 year ago
WATCHPUG
high
order.premiumshould always be paid to the bullSummary
order.premiumis the price of the put option contract paid by the buyer (bear) of the option to the seller of the option (bull).Vulnerability Detail
Conventionally, the premium should be paid by the option bearer to the option seller (
bull) by the time the order is matched.In the current implementation, the option premium will be transferred to the bear in
settleContract()mistakenly.Impact
This means that, while the option seller (
bull) who provides the option is taking the risk of the target NFT's price drops, and actually they did fulfilled the responsibility of buying the NFT at the strike price, will also lose the premium which was meant to be a payment for the responsibility.Code Snippet
https://github.com/sherlock-audit/2022-11-bullvbear/blob/main/bvb-protocol/src/BvbProtocol.sol#L374-L411
Tool used
Manual Review
Recommendation
Consider transferring the premium to the bull in
matchOrder().Duplicate of #132