Closed sherlock-admin2 closed 4 months ago
1 comment(s) were left on this issue during the judging contest.
WangAudit commented:
It seems to be quite a high-cost attack, since it can only be done at the end of the auction and the attacker has to bid higher every time; therefore, it seems to be a valid low/info.
bareli
medium
Bidding can go on infinitely, as we can use createBid to add a bid in the buffer time.
Summary
Bidding can go on infinitely, as we can use createBid to add a bid in the buffer time.
Vulnerability Detail
function createBid(uint256 nounId) external payable override nonReentrant {
    INounsAuctionHouse.Auction memory _auction = auction;
    // ...
@>  bool extended = _auction.endTime - block.timestamp < timeBuffer;
    if (extended) {
@>      auction.endTime = _auction.endTime = block.timestamp + timeBuffer;
    }
    // ...
Impact
Bidding can go on infinitely, as we can use createBid to add a bid in the buffer time.
Code Snippet
https://github.com/sherlock-audit/2024-03-nouns-dao-2/blob/main/nouns-monorepo/packages/nouns-contracts/contracts/NounsAuctionHouse.sol#L128
Tool used
Manual Review
Recommendation
Use a mapping so that the same old address can be used again in the buffer time.
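
The extension rule in the snippet above and the cost argument from the judging comment, modelled in Python as an added example; it is not part of the original report or the Nouns contracts. The 2% minimum raise, the 5-minute buffer, the expiry check and the 1 ETH starting bid are assumptions chosen for illustration.

```python
# Added illustration, not Nouns code: a model of the timeBuffer extension rule.
# Parameter values are constructed; min_increment_pct is an assumed setting.
from dataclasses import dataclass

ETH = 10**18  # wei


@dataclass
class Auction:
    end_time: int           # unix seconds
    amount: int             # current highest bid, wei
    time_buffer: int        # seconds, mirrors `timeBuffer`
    min_increment_pct: int  # assumed minimum raise over the previous bid

    def min_next_bid(self) -> int:
        return self.amount + self.amount * self.min_increment_pct // 100

    def create_bid(self, now: int, value: int) -> bool:
        """Apply a bid; return True if it extended the auction."""
        if now >= self.end_time:              # assumed expiry check
            raise ValueError("auction expired")
        if value < self.min_next_bid():       # assumed minimum-raise check
            raise ValueError("bid too low")
        self.amount = value
        extended = self.end_time - now < self.time_buffer
        if extended:
            self.end_time = now + self.time_buffer
        return extended


def cost_to_delay(auction: Auction, delay_seconds: int) -> tuple:
    """Keep the auction open for delay_seconds past its current end by
    placing the minimum bid in the last second of every window.
    Returns (number of bids, final bid in wei)."""
    target = auction.end_time + delay_seconds
    bids = 0
    while auction.end_time < target:
        auction.create_bid(auction.end_time - 1, auction.min_next_bid())
        bids += 1
    return bids, auction.amount


def demo(delay_seconds: int) -> tuple:
    # Constructed sample: 1 ETH standing bid, 5-minute buffer, 2% minimum raise
    a = Auction(end_time=1_000_000, amount=1 * ETH, time_buffer=300,
                min_increment_pct=2)
    return cost_to_delay(a, delay_seconds)
```

With these constructed values, `demo(3600)` needs 13 bids and ends about 29% above the starting bid, while `demo(86400)` needs 289 bids and ends at roughly 300 times the starting bid.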