TempleGold

TempleDAO

Foundry

25,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Potential Incorrect Auction State Detection Due to Uninitialized Epoch Timings

mahmud

Summary

The hasEnded and isActive functions in the EpochLib library can incorrectly determine the state of an auction if the startTime or endTime are not properly initialized (i.e., are zero). This can lead to false positives for auction states, potentially allowing auctions to be marked as active or ended inappropriately.

Vulnerability Details

Affected Functions:

hasEnded
isActive

Code Analysis:

In the current implementation, the hasEnded function only checks if endTime is less than or equal to the current timestamp (block.timestamp). If endTime is zero, this condition will always return true, potentially indicating that the auction has ended even if it hasn't been properly initialized.
Similarly, the isActive function checks if the current timestamp is between startTime and endTime. However, without checking if these times are greater than zero, the function might return true even if startTime or endTime are uninitialized.

Current Implementation:

function hasEnded(IAuctionBase.EpochInfo storage info) internal view returns (bool) {

return info.endTime <= block.timestamp;

}

function isActive(IAuctionBase.EpochInfo storage info) internal view returns (bool) {

return info.startTime <= block.timestamp && block.timestamp < info.endTime;

}

Impact

The incorrect detection of auction states can lead to unexpected behavior in the contract, such as:

Allowing interactions when the auction is not supposed to be active.
Marking an auction as ended prematurely.

Tools Used

Manual code review.

Recommendations

Update the hasEnded and isActive functions to include checks that ensure both startTime and endTime are properly initialized before determining the auction state.

Revised Implementation:

function hasEnded(IAuctionBase.EpochInfo storage info) internal view returns (bool) {

return info.endTime > 0 && info.endTime <= block.timestamp;

}

function isActive(IAuctionBase.EpochInfo storage info) internal view returns (bool) {

return (info.startTime <= block.timestamp && info.startTime > 0) &&

(block.timestamp < info.endTime && info.endTime > 0);

}

By incorporating these checks, you ensure that the auction states are accurately determined based on properly initialized values, thereby avoiding false positives and ensuring the correct behavior of the contract.

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

25,000 USDC

nSLOC

998

25 USDC / LOC

High Medium

20,000 USDC

Low

2,500 USDC

Judges

2,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.