The _totalAuctionTokenAllocation
is not reset when removeAuctionConfig
is called under certain conditions, leading to potential token duplication and unrecoverable tokens. Additionally, the logic for setting and removing configurations during auction cooldown periods is inconsistent.
The _totalAuctionTokenAllocation
mapping is not being reset when removeAuctionConfig
is called in cases where configSetButAuctionStartNotCalled
is false. This can cause duplication issues if the configuration is removed and then set again. Specifically, this can lead to situations where the recoverToken
function will allow the recovery of fewer auction tokens than expected, potentially leaving tokens unrecoverable forever. This issue arises particularly when there is an auction start cooldown after calling startAuction
and removeAuctionConfig
is subsequently called. The current code structure also allows setting the next configuration while not permitting the removal of a configuration if the auction is in process, leading to inconsistencies.
High, possibility to remove more tokens than allocated for claim. Impossibility to reset those values.
Manual review
To resolve this issue, ensure that _totalAuctionTokenAllocation
is properly reset or adjusted when removeAuctionConfig
is called, particularly when configSetButAuctionStartNotCalled
is false. This will prevent duplication and ensure that tokens are recoverable as expected. Additionally, refactor the logic in removeAuctionConfig
to handle the removal of configurations more consistently, even during auction cooldown periods, and ensure that the next configuration can only be set when appropriate. This will help maintain the integrity of the auction process and prevent potential token recovery issues.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.