`AuctionConfigSet` event in `DaiGoldAuction::setAuctionConfig()` function emits `_currentEpochId` which is still set at the last epochId
Summary
setAuctionConfig is used to set the configuration for an auction before it starts. The AuctionConfigSet event is supposed to emit the ID of the auction for which the config has been set along with the config itself, but in the current implementation the ID will always point to the previous auction epoch.
Vulnerability Details
NOTE
Auction ID is used to better represent the latest auction number, it is not an actual state variable.
_currentEpochId points to the previous auction ID and is incremented after a successful call to DaiGoldAuction::startAuction(). Due to this fact, the epochID emitted in AuctionConfigSetevent after setting auctionConfig is always set at n-1, where n is the current auction ID. Current implementation can be seen below:
Impact
As events are used by off-chain services to track contract activities, incorrect event emission may cause unforseen discrepancies.
This can lead subgraphs and users to believe that the configuration has been set for an auction ID, say n, but in reality the current auction ID would be n + 1.
Recommendations
Update DaiGoldAuction::setAuctionConfig() at L#72 to emit the current auction ID and not the previous one.
Tools Used
Manual Review.
Lead Judging Commences
`AuctionConfigSet` event in `DaiGoldAuction::setAuctionConfig()` function emits `_currentEpochId` which is still set at the last epochId
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.