TempleGold

Summary

When claiming happens, the remainder from calculation of claimAmount is left as dust and stuck in the contract.

Even though the calculation of claimAmount use mulDivRound which can result in both round up/ round down, if rounding down occurs more frequently then there will be dust left in that auction round.

Furthermore, the recoverToken can not be used to recover the dust of this round since the round is ended so recoverToken will revert.

Vulnerability Details

The claimAmount calculation is

Since the roundup parameter is set as false, so it will round the result up or down to the nearest wei.

However, if round down occurs in this round then the TGLD token of this round will be stuck.

Consider a scenario:

In round 1:

there are 3 bidders, each of them has depositors[msg.sender][1] = 1e18

In this round totalAuctionTokenAmount = 1e18.

So each bidder will have claimAmount as (1e18 * 1e18)/3e18 = 3.333333333E17.

Here rouding down occurs since it is the nearest wei, so there will be 3 wei as dust left in this round.

In round 2:

there are 2 bidders, depositors[A][2] = 2e18 and depositors[B][2] = 1e18

In this round totalAuctionTokenAmount is also 1e18.

A's claimAmount = (2e18 * 1e18)/3e18 = 6.666666666E17 which will be rounded up to nearest wei as 6.666666667E17

B's claimAmount = (1e18 * 1e18)/3e18 = 3.333333333E17 which will be rounded down to nearest wei as 3.333333333E17

In round 2 there is no dust since the 1 wei dust from B is send to A.

So the dust from round 1 is still stuck in the contract.

And the dust of later rounds will compound as new auctions begins.

Impact

Dust of epochs[epochId].totalAuctionTokenAmount is left in the contract.

Tools Used

Manual review.

Recommendations

The left amount of epochs[epochId].totalAuctionTokenAmount should be added to the next auction round.