Inadequate Handling of Lot Cancellation Post-Partial Settlement
Summary
The AuctionHouse contract not properly manage the cancellation of lots after a partial settlement, potentially resulting in the loss of funds for bidders or the seller.
Vulnerability Detail
Current Implementation: The contract includes settlement logic but does not detail the handling of lot cancellations after partial settlements.
What Goes Wrong: If a lot is canceled after being partially settled, without clear logic to handle such cases, it could lead to improper refunds or failure to return funds.
// In the AuctionHouse contract
function settle(uint96 lotId_) external override nonReentrant {
...
// Settlement logic here
...
}
// @audit Hypothetical cancellation logic (not present in code)
function cancelLot(uint96 lotId_) external {
...
// Cancellation logic should handle refunds and returns here
...
}
Impact
Bidders may not receive due refunds, and sellers might not get back the unsold portion of their assets.
thisvishalsingh
high
Inadequate Handling of Lot Cancellation Post-Partial Settlement
Summary
The
AuctionHousecontract not properly manage the cancellation of lots after a partial settlement, potentially resulting in the loss of funds for bidders or the seller.Vulnerability Detail
If a lot is canceled after being partially settled, without clear logic to handle such cases, it could lead to improper refunds or failure to return funds.Impact
Bidders may not receive due refunds, and sellers might not get back the unsold portion of their assets.
Code Snippet
https://github.com/sherlock-audit/2024-03-axis-finance/blob/main/moonraker/src/AuctionHouse.sol#L465
Tool used
Manual Review
Recommendation
Cancellation Handling: Implement and clearly define lot cancellation logic, especially after partial settlements.