TempleGold

TempleDAO

Foundry

25,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

The `DaiGoldAuction::startAuction` function does not follow CEI which could cost more gas than necessary when it reverts

spomaria

Summary

DaiGoldAuction::startAuction function does not follow CEI which could cost more gas than necessary when it reverts

Vulnerability Details

The DaiGoldAuction::startAuction function effects a state change in the _currentEpochId variable, then checks a condition which can potentially revert all changes before using the updated value of the _currentEpochId variable to effect other state changes

uint256 epochId = _currentEpochId = _currentEpochId + 1;

if (totalGoldAmount < config.auctionMinimumDistributedGold) { revert LowGoldDistributed(totalGoldAmount); }

EpochInfo storage info = epochs[epochId];

instead of checking for the condition before causing any state changes in the _currentEpochId variable

Impact

Because the DaiGoldAuction::startAuction function does not follow CEI, the function will cost more gas than necessary when it reverts.

Tools Used

Manual review

Recommendations

Since the check

if (totalGoldAmount < config.auctionMinimumDistributedGold) { revert LowGoldDistributed(totalGoldAmount); }

does not depend on _currentEpochId, the section of the DaiGoldAuction::startAuction function that changes the state of the _currentEpochId variable can be rearranged as follows

- uint256 epochId = _currentEpochId = _currentEpochId + 1;

if (totalGoldAmount < config.auctionMinimumDistributedGold) { revert LowGoldDistributed(totalGoldAmount); }

+ uint256 epochId = _currentEpochId = _currentEpochId + 1;

EpochInfo storage info = epochs[epochId];

info.totalAuctionTokenAmount = totalGoldAmount;

uint128 startTime = info.startTime = uint128(block.timestamp) + config.auctionStartCooldown;

uint128 endTime = info.endTime = startTime + AUCTION_DURATION;

emit AuctionStarted(epochId, msg.sender, startTime, endTime, totalGoldAmount);

}

Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

25,000 USDC

nSLOC

998

25 USDC / LOC

High Medium

20,000 USDC

Low

2,500 USDC

Judges

2,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.