See the vulnerability details, which contain the explanation.
The following line in the code contains the vulnerability: if (eth < minAskEth) revert Errors.OrderUnderMinimumSize();
The condition checks whether the product of price and ercAmount (stored in eth) is less than minAskEth. It is intended to ensure that the order being created meets a minimum size requirement, but it does not account for a potential overflow.
An overflow in this computation can lead to the contract not reverting when it should, allowing orders that do not meet the minimum size requirement to be created.
Here is a scenario that shows the issue.
Suppose an attacker submits a transaction to create an order with the following parameters:
* asset: some address
* price = 1
* ercAmount = MAX_UINT256
The contract calculates eth as price * ercAmount, which results in eth being set to the maximum possible uint256 value, essentially causing an overflow.
minAskEth is a smaller value, say 10.
Since an overflow has occurred, the condition if (eth < minAskEth) mistakenly evaluates to false, because the maximum possible uint256 value is not less than 10.
As a result, the contract does not revert as intended and proceeds with the order creation, even though the order size is far below the minimum requirement.
Malicious users can create orders that do not meet the minimum size requirement, potentially disrupting the intended operation of the contract and causing financial losses.
Manual review
Add checks before comparing eth and minAskEth, for example:
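The vulnerable pattern beside a hardened form, as an added illustration rather than the audited project's code; the contract name, the function names, the PriceAmountOverflow error and the parameter names are assumptions, only Errors.OrderUnderMinimumSize and minAskEth come from the report. With Solidity 0.8 or later a plain multiplication reverts on overflow, so the wrap-around described above only happens inside an unchecked block, which is where the vulnerable version performs it.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Stand-alone illustration; names other than OrderUnderMinimumSize
// and minAskEth are assumed for this example.
library Errors {
    error OrderUnderMinimumSize();
    error PriceAmountOverflow(); // assumed, not in the report
}

contract AskOrders {
    uint256 public constant minAskEth = 10;

    // Vulnerable form: the product is computed in an unchecked block,
    // so price * ercAmount can wrap around 2**256. A wrapped value can
    // land on either side of minAskEth, so the comparison below says
    // nothing about the real size of the order.
    function createAskUnchecked(uint256 price, uint256 ercAmount)
        external view returns (uint256 eth)
    {
        unchecked { eth = price * ercAmount; }
        if (eth < minAskEth) revert Errors.OrderUnderMinimumSize();
    }

    // Hardened form: reject any (price, ercAmount) pair whose product
    // cannot be represented in uint256 before multiplying, then apply
    // the minimum-size check to a value that is known to be exact.
    function createAskChecked(uint256 price, uint256 ercAmount)
        external view returns (uint256 eth)
    {
        if (price != 0 && ercAmount > type(uint256).max / price) {
            revert Errors.PriceAmountOverflow();
        }
        eth = price * ercAmount; // checked arithmetic, cannot wrap here
        if (eth < minAskEth) revert Errors.OrderUnderMinimumSize();
    }
}
```

The explicit division-based bound makes the failure mode visible as a distinct error, rather than the generic arithmetic panic raised by checked multiplication.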