sherlock-audit 2024-02-radicalxchange-judging issues

sherlock-audit / 2024-02-radicalxchange-judging

3 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

0xKartikgiri00 - `_checkBidAmount` function have a strict equality check, which cause revert when not really needed.

#26 sherlock-admin4 closed 8 months ago
0
0xKartikgiri00 - `EnglishPeriodAuctionInternal:: _cancelAllBids` function allows bidder to cancel the highest bid.

#25 sherlock-admin3 closed 8 months ago
0
zzykxx - The first auction round of a NFT may start in the past in some scenarios

#24 sherlock-admin2 closed 8 months ago
0
AMOW - Protocol funds can be stolen through malicious bidding

#23 sherlock-admin4 closed 8 months ago
2
AMOW - Highest bidder can cancel bid through `_cancelAllBids`

#22 sherlock-admin4 closed 8 months ago
0
neon2835 - The _cancelAllBids function has a vulnerability, as it does not verify whether the user at this time is the highest bidder

#21 sherlock-admin3 closed 8 months ago
0
cats - Protocol funds can be drained by auctioned NFT's owner using 2 wallets

#20 sherlock-admin3 closed 8 months ago
6
zzykxx - An auction of an NFT with `tokenId` equal to 0 can start earlier than expected

#19 sherlock-admin2 closed 8 months ago
0
cats - Flawed bid cancellation logic allows user to win auction with 100% certainty without even spending any money

#18 sherlock-admin2 closed 8 months ago
0
CarlosAlbaWork - Highest bidder can cancel his bid

#17 sherlock-admin4 closed 8 months ago
0
zzykxx - The protocol is not compatible with collections of NFTs with non-sequential IDs or sequential IDs that don't start from 0

#16 sherlock-admin2 closed 7 months ago
51
zzykxx - Users can cancel their own highest bid of any round, including the current one

#15 sherlock-admin3 closed 8 months ago
0
14si2o_Flint - Highest bidder can withdraw his collateral due to a missing check in _cancelAllBids

#14 sherlock-admin2 opened 8 months ago
3
pseudoArtist - Highest bidder can cancel his bid and close the auction to win the auction.

#13 sherlock-admin2 closed 8 months ago
0
14si2o_Flint - All bids with 100% collateralisation will revert due to incorrect fee calculation

#12 sherlock-admin4 closed 8 months ago
0
pseudoArtist - A `tie` bid can be placed to keep on rolling the bid till end and gain the stewardship

#11 sherlock-admin4 closed 8 months ago
0
sammy - A vulnerability in the `_cancelAllBids` function allows the highest bidder to obtain the `Stewardship License` for free

#10 sherlock-admin3 closed 8 months ago
0
cawfree - The incumbent steward can avoid paying the periodic honorarium.

#9 sherlock-admin3 closed 7 months ago
14
FSchmoede - Bidder can cancel bid and acquire SL for free stealing funds from other users

#8 sherlock-admin2 closed 8 months ago
0
theFirstElder - The function cancelBidAndWithdrawCollateral permits the current highest bidder to withdraw assets before the auction concludes.

#7 sherlock-admin2 closed 8 months ago
0
14si2o_Flint - Potential griefing attack and other negative impacts if minBidIncrement is set to 0.

#6 sherlock-admin4 closed 8 months ago
5
zraxx - The function _cancelAllBids does not check whether the bidder is the highestBidder

#5 sherlock-admin4 closed 8 months ago
0
404666 - User can cancel bid even when he is the highest one to receive a token for free

#4 sherlock-admin3 closed 8 months ago
0
cawfree - An invocation of `_cancelAllBids()` will ignore if the `bidder` is the highest bidder for the current round.

#3 sherlock-admin3 closed 8 months ago
0
14si2o_Flint - Incorrect implementation of _isAuctionPeriod will cause _closeAuction to revert every time.

#2 sherlock-admin2 closed 8 months ago
0
Krace - The highest bidder could cancel bid via `cancelAllBidsAndWithdrawCollateral` function

#1 sherlock-admin2 closed 8 months ago
0